Filtered by vendor Joinmastodon
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31263 | 1 Joinmastodon | 1 Mastodon | 2022-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions. | |||||
| CVE-2022-24307 | 1 Joinmastodon | 1 Mastodon | 2022-02-09 | 7.5 HIGH | 9.8 CRITICAL |
| Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. (JSON-LD signing has been supported since version 1.6.0.) | |||||
| CVE-2022-0432 | 1 Joinmastodon | 1 Mastodon | 2022-02-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0. | |||||
| CVE-2018-21018 | 1 Joinmastodon | 1 Mastodon | 2019-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions. | |||||