Vulmon
joinmastodon mastodon vulnerabilities and exploits
CVE-2022-46405 (score: NA)
Mastodon up to and including 4.0.2 allows malicious users to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled re...
Joinmastodon Mastodon

CVE-2022-2166 (score: NA)
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon before 4.0.0.
Joinmastodon Mastodon 4.0.0
Joinmastodon Mastodon

CVE-2022-31263 (CVSSv2: 5)
app/models/user.rb in Mastodon prior to 3.5.0 allows a bypass of e-mail restrictions.
Joinmastodon Mastodon

CVE-2022-24307 (CVSSv2: 7.5)
Mastodon prior to 3.3.2 and 3.4.x prior to 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. (JSON-LD signing has been supported since version 1.6.0.)
Joinmastodon Mastodon

CVE-2022-0432 (CVSSv2: 4.3)
Prototype Pollution in GitHub repository mastodon/mastodon before 3.5.0.
Joinmastodon Mastodon

CVE-2018-21018 (CVSSv2: 7.5)
Mastodon prior to 2.6.3 mishandles timeouts of incompletely established sessions.
Joinmastodon Mastodon