9 matches found
BIT-MASTODON-2025-62605 Mastodon quotes control can be bypassed
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0. Mastodon internally...
CVE-2025-62605
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
CVE-2025-62605
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
CVE-2025-62605 Mastodon quotes control can be bypassed
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
CVE-2025-62605 Mastodon quotes control can be bypassed
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
CVE-2025-62605 Mastodon quotes control can be bypassed
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
CVE-2025-62605
Mastodon quotes control bypass vulnerability (CVE-2025-62605) affects 4.4.x and earlier 4.5.0-beta.2 where reblogging a post and quoting the reblog could display a preview of a post without authorization due to how reblogs are treated as statuses. Patches exist in 4.4.8 and 4.5.0-beta.2, which mi...
EUVD-2025-35213
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...
PT-2025-42913
Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.4.8 Mastodon versions 4.4.0 through 4.4.7 Mastodon versions prior to 4.5.0-beta.2 Description Mastodon is a free, open-source social network server based on ActivityPub. A flaw exists where an attacker can bypass...