joinmastodon mastodon vulnerabilities and exploits

(subscribe to this query)

Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0....

Joinmastodon Mastodon 4.0.0 Joinmastodon Mastodon1 Github repository available

Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of...

Joinmastodon Mastodon2 Github repositories available

The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5.x before 3.5.3 does not use the server's representative account, resulting in moderator identity disclosure when a moderator approves the appeal of a user whose status...

Joinmastodon Mastodon1 Github repository available

Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0....

Joinmastodon Mastodon

app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions....

Joinmastodon Mastodon

Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions....

Joinmastodon Mastodon1 Github repository available

Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. (JSON-LD signing has been supported since version 1.6.0.)...

Joinmastodon Mastodon

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook