Lucene search

CVE-2024-37903

🗓️ 05 Jul 2024 18:32:15Reported by GitHub_MType

Mastodon version 2.6.0 to 4.1.18 and 4.2.10 allows unauthorized access to post

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
OSV	CVE-2024-37903	5 Jul 202418:15	–	osv
OSV	BIT-MASTODON-2024-37903	9 Jul 202407:24	–	osv
Vulnrichment	CVE-2024-37903 Mastodon has improper authorship check on audience extension for existing posts	5 Jul 202417:24	–	vulnrichment
NVD	CVE-2024-37903	5 Jul 202418:15	–	nvd
Cvelist	CVE-2024-37903 Mastodon has improper authorship check on audience extension for existing posts	5 Jul 202417:24	–	cvelist

Vulners

Vulnrichment

Node

mastodon mastodonRange2.6.0–4.1.18

mastodon mastodonRange4.2.0–4.2.10

[
  {
    "vendor": "mastodon",
    "product": "mastodon",
    "versions": [
      {
        "version": ">= 2.6.0, < 4.1.18",
        "status": "affected"
      },
      {
        "version": ">= 4.2.0, < 4.2.10",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/mastodon/mastodon/security/advisories/GHSA-xjvf-fm67-4qc3
github	www.github.com/mastodon/mastodon/commit/d4bf22b632ea8b1174375c4966a6768ab66393b6
github	www.github.com/mastodon/mastodon/commit/a1c7aae28aecf06659c5b18cfa131b37cd1512a3
github	www.github.com/mastodon/mastodon/releases/tag/v4.1.18
github	www.github.com/mastodon/mastodon/releases/tag/v4.2.10

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jul 2024 18:15Current

8.1High risk

Vulners AI Score8.1

CVSS38.2

EPSS0.00082

SSVC

CWE-862