Vulnerabilities > Joinmastodon > Mastodon > 4.0.4

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-23832 Authentication Bypass by Spoofing vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication.
network
low complexity
joinmastodon CWE-290
critical
 9.8
9.8
2023-09-19 CVE-2023-42451 Use of Incorrectly-Resolved Name or Reference vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon CWE-706
7.5
7.5
2023-09-19 CVE-2023-42452 Cross-site Scripting vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon CWE-79
5.4
5.4
2023-07-06 CVE-2023-36462 Unspecified vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon
5.4
5.4
2023-07-06 CVE-2023-36459 Cross-site Scripting vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon CWE-79
6.1
6.1
2023-07-06 CVE-2023-36460 Path Traversal vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon CWE-22
critical
 9.9
9.9
2023-07-06 CVE-2023-36461 Allocation of Resources Without Limits or Throttling vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
low complexity
joinmastodon CWE-770
7.5
7.5