Known Vulnerabilities for products from Joinmastodon
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Joinmastodon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33869 json | Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.5.x branch prior to 4.5.8 an... | Not Provided | 2026-03-27 | 2026-03-30 |
| CVE-2026-33868 json | Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an u... | Not Provided | 2026-03-27 | 2026-03-30 |
| CVE-2023-42452 json | Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.x branch prior to versions 4... | 5.4 - MEDIUM | 2023-09-19 | 2023-09-22 |
| CVE-2023-42451 json | Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 3.5.14, 4.0.10, 4.1.8, and 4.2.... | 7.5 - HIGH | 2023-09-19 | 2023-09-22 |
| CVE-2023-42450 json | Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 4.2.0-beta1 and prior to vers... | 7.5 - HIGH | 2023-09-19 | 2023-09-25 |
| CVE-2023-36462 json | Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 2.6.0 and prior to versions 3... | 5.4 - MEDIUM | 2023-07-06 | 2023-07-13 |
| CVE-2023-36461 json | Mastodon is a free, open-source social network server based on ActivityPub. When performing outgoing HTTP queries, Mastodon s... | 7.5 - HIGH | 2023-07-06 | 2023-07-14 |
| CVE-2023-36460 json | Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3... | 9.9 - CRITICAL | 2023-07-06 | 2023-07-14 |
| CVE-2023-36459 json | Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 1.3 and prior to versions 3.5... | 6.1 - MEDIUM | 2023-07-06 | 2023-07-14 |
| CVE-2023-28853 json | Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authenti... | 6.5 - MEDIUM | 2023-04-04 | 2023-07-07 |
| CVE-2022-48364 json | The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5.x before 3.5.3 does not ... | 4.3 - MEDIUM | 2023-03-06 | 2023-03-11 |
| CVE-2022-46405 json | Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that... | 7.5 - HIGH | 2022-12-04 | 2022-12-06 |
| CVE-2022-31263 json | app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions. | 5.3 - MEDIUM | 2022-05-24 | 2022-06-02 |
| CVE-2022-24307 json | Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD... | 9.8 - CRITICAL | 2022-02-03 | 2022-02-09 |
| CVE-2022-2166 json | Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0. | 9.8 - CRITICAL | 2022-11-16 | 2022-11-17 |
| CVE-2022-0432 json | Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0. | 6.1 - MEDIUM | 2022-02-02 | 2022-02-05 |
| CVE-2018-21018 json | Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions. | 9.8 - CRITICAL | 2019-09-22 | 2019-09-23 |
Known software with vulnerabilities from Joinmastodon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Joinmastodon | Mastodon | 0.1.0 |