
17 matches found

Positive Technologies
added 2025/08/05 12:0 a.m. · 10 views

PT-2025-32007 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions:
Mastodon versions 3.1.5 through 4.2.24
Mastodon versions 4.3.0 through 4.3.11
Mastodon versions 4.4.0 through 4.4.3

Description: Mastodon’s rate-limiting system contains a configuration error where the email-based throttle for confirmation...

CVSS 7.5 · AI score 6.7 · EPSS 0.00504
Exploits 0 · References 8

Circl
added 2025/01/22 3:21 p.m. · 5 views

CVE-2025-23931

creationtimestamp | type | source
---|---|---
2025-01-22 15:21:29+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdoa4iblu2b
2025-01-22 15:49:19+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/113872794980397663
2025-01-22 15:49:49+00:00 | seen | ...

CVSS 9.3 · AI score 7.3 · EPSS 0.005
Exploits 0 · References 5

Circl
added 2025/01/22 3:21 p.m. · 10 views

CVE-2025-23918

creationtimestamp | type | source
---|---|---
2025-01-22 15:21:22+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo7vwq2d2w
2025-01-22 15:49:17+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/113872794842838981
2025-01-22 15:49:47+00:00 | seen | ...

CVSS 9.9 · AI score 7.3 · EPSS 0.00627
Exploits 0 · References 5

Tenable Nessus
added 2024/11/05 12:0 a.m. · 3 views

Mastodon < 4.0.10 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.14 or 4.0.x prior to 4.0.10 or 4.1.x prior to 4.1.8. It is, therefore, affected by multiple vulnerabilities: - A Stored XSS through the translation feature - A Server-side request...

CVSS 7.5 · AI score 6.6 · EPSS 0.0057
Exploits 0 · References 6

Tenable Nessus
added 2024/11/05 12:0 a.m. · 4 views

Mastodon 4.1.x < 4.1.3 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.9 or 4.0.x prior to 4.0.5 or 4.1.x prior to 4.1.3. It is, therefore, affected by multiple vulnerabilities: - Verified profile links can be formatted in a misleading way - Denial of...

CVSS 9.9 · AI score 6.8 · EPSS 0.37264
Exploits 0 · References 7

Tenable Nessus
added 2024/11/05 12:0 a.m. · 3 views

Mastodon < 3.5.9 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.9 or 4.0.x prior to 4.0.5 or 4.1.x prior to 4.1.3. It is, therefore, affected by multiple vulnerabilities: - Verified profile links can be formatted in a misleading way - Denial of...

CVSS 9.9 · AI score 6.8 · EPSS 0.37264
Exploits 0 · References 7

Tenable Nessus
added 2024/11/05 12:0 a.m. · 5 views

Mastodon < 4.1.8 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.14 or 4.0.x prior to 4.0.10 or 4.1.x prior to 4.1.8. It is, therefore, affected by multiple vulnerabilities: - A Stored XSS through the translation feature - A Server-side request...

CVSS 7.5 · AI score 6.6 · EPSS 0.0057
Exploits 0 · References 6

Tenable Nessus
added 2024/11/05 12:0 a.m. · 5 views

Mastodon 4.2.x < 4.2.9 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.17 or 4.2.x prior to 4.2.9. It is, therefore, affected by multiple vulnerabilities: - Private mention filtering can be bypassed - Missing rate-limit to password change endpoint -...

CVSS 7.5 · AI score 7.7 · EPSS 0.00458
Exploits 0 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 5 views

Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.18 or 4.2.x prior to 4.2.10. It is, therefore, affected by multiple vulnerabilities: - An Insufficient permission checking on multiple API endpoints - An Improper authorship check ...

CVSS 8.2 · AI score 6.9 · EPSS 0.00526
Exploits 0 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 2 views

Mastodon < 3.5.14 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.14 or 4.0.x prior to 4.0.10 or 4.1.x prior to 4.1.8. It is, therefore, affected by multiple vulnerabilities: - A Stored XSS through the translation feature - A Server-side request...

CVSS 7.5 · AI score 6.6 · EPSS 0.0057
Exploits 0 · References 6

Tenable Nessus
added 2024/11/05 12:0 a.m. · 7 views

Mastodon 4.1.x < 4.1.14 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiple vulnerabilities: - Destroying OAuth Applications doesn't notify...

CVSS 7.4 · AI score 7.5 · EPSS 0.00477
Exploits 1 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 6 views

Mastodon < 3.5.18 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiple vulnerabilities: - Destroying OAuth Applications doesn't notify...

CVSS 7.4 · AI score 7.5 · EPSS 0.00477
Exploits 1 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 4 views

Mastodon 4.2.x < 4.2.6 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiple vulnerabilities: - Destroying OAuth Applications doesn't notify...

CVSS 7.4 · AI score 7.5 · EPSS 0.00477
Exploits 1 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 6 views

Mastodon 4.0.x < 4.0.5 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.9 or 4.0.x prior to 4.0.5 or 4.1.x prior to 4.1.3. It is, therefore, affected by multiple vulnerabilities: - Verified profile links can be formatted in a misleading way - Denial of...

CVSS 9.9 · AI score 6.8 · EPSS 0.37264
Exploits 0 · References 7

Tenable Nessus
added 2024/11/05 12:0 a.m. · 3 views

Mastodon 4.0.x < 4.0.14 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiple vulnerabilities: - Destroying OAuth Applications doesn't notify...

CVSS 7.4 · AI score 7.5 · EPSS 0.00477
Exploits 1 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 5 views

Mastodon < 4.1.18 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.18 or 4.2.x prior to 4.2.10. It is, therefore, affected by multiple vulnerabilities: - An Insufficient permission checking on multiple API endpoints - An Improper authorship check ...

CVSS 8.2 · AI score 6.9 · EPSS 0.00526
Exploits 0 · References 4

Tenable Nessus
added 2024/11/05 12:0 a.m. · 12 views

Mastodon < 4.1.17 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.17 or 4.2.x prior to 4.2.9. It is, therefore, affected by multiple vulnerabilities: - Private mention filtering can be bypassed - Missing rate-limit to password change endpoint -...

CVSS 7.5 · AI score 7.7 · EPSS 0.00458
Exploits 0 · References 4