Vulnerabilities > Joinmastodon > Mastodon > 1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2022-24307 | Incorrect Authorization vulnerability in Joinmastodon Mastodon Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. | 9.8 |
| 2022-02-02 | CVE-2022-0432 | Unspecified vulnerability in Joinmastodon Mastodon Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0. | 6.1 |
| 2019-09-22 | CVE-2018-21018 | Insufficient Session Expiration vulnerability in Joinmastodon Mastodon Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions. | 9.8 |