2 matches found
CVE-2022-46405
CVE-2022-46405 affects Mastodon up to version 4.0.2. The issue enables denial-of-service by creating bot accounts that follow attacker-controlled accounts on servers with a wildcard DNS A record, causing uncontrolled recursion of attacker-generated messages and an enlarged Sidekiq pull queue. Aff...
CVE-2022-46405
Mastodon through 4.0.2 allows attackers to cause a denial of service large Sidekiq pull queue by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated message...