
CVE-2023-36460

2023-07-06 19:15:10
CWE-22
web.nvd.nist.gov
Tags: cve-2023-36460, mastodon, rce, media files, security vulnerability, denial of service

CVSS3: 9.9 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score: 9.6 High (Confidence: High)

EPSS: 0.004 Low (Percentile: 74.3%)

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon’s media processing code to create arbitrary files at any location. This allows attackers to create and overwrite any file Mastodon has access to, allowing Denial of Service and arbitrary Remote Code Execution. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue.

Affected configurations

mastodon:mastodon, range 3.5.0 to 3.5.9
OR
mastodon:mastodon, range 4.0.0 to 4.0.5
OR
mastodon:mastodon, range 4.1.0 to 4.1.3

CNA Affected

[
  {
    "vendor": "mastodon",
    "product": "mastodon",
    "versions": [
      {
        "version": ">= 3.5.0, < 3.5.9",
        "status": "affected"
      },
      {
        "version": ">= 4.0.0, < 4.0.5",
        "status": "affected"
      },
      {
        "version": ">= 4.1.0, < 4.1.3",
        "status": "affected"
      }
    ]
  }
]
