9 matches found
BIT-MASTODON-2026-27468 Mastodon may allow unconfirmed FASP to make subscriptions
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
CVE-2026-27468
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
CVE-2026-27468 Mastodon may allow unconfirmed FASP to make subscriptions
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
CVE-2026-27468
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
CVE-2026-27468 Mastodon may allow unconfirmed FASP to make subscriptions
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
PT-2026-21779
Name of the Vulnerable Software and Affected Versions Mastodon versions 4.4.0 through 4.4.13 Mastodon versions 4.5.0 through 4.5.6 Description Mastodon is a free, open-source social network server based on ActivityPub. The issue relates to FASP Federated Actor Subscription Protocol registration,...
app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1448 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk15on (>=1.49 <=1.70)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.49, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...
app.cash.backfila:client-misk (>=0.1.0 <=0.1.4-20221128.2102-bdd85b6), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +521 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.60)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =0.0.1, =2.0.0, =2.0.1 and more Source cves: CVE-2020-26939 Source...
Timewarrior - Commandline Time Reporting
Timewarrior is a time tracking utility that offers simple stopwatch features as well as sophisticated calendar-based backfill, along with flexible reporting. It is a portable, well supported and very active Open Source project. Installing From Package Thanks to the community, there are binary...