3 matches found
CVE-2018-21018
Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...
CVE-2018-21018
Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...
CVE-2018-21018
CVE-2018-21018 affects Mastodon prior to 2.6.3. The issue is described as mishandling timeouts of incompletely established sessions, with CVSS metrics indicating HIGH to CRITICAL impact (CVSS 2.0: 7.5; CVSS 3.1: 9.8). Affected software is Mastodon before 2.6.3; the root cause relates to session t...