2 matches found
CVE-2022-24307
Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. JSON-LD signing has been supported since version 1.6.0...
PT-2022-16596 · Mastodon · Mastodon
Name of the Vulnerable Software and Affected Versions: Mastodon versions 1.6.0 through 3.3.2 Mastodon versions 3.4.x through 3.4.5 Description: The issue is related to incorrect access control due to the failure to compact incoming signed JSON-LD activities. JSON-LD signing has been supported sin...