Vulnerabilities > Joinmastodon > Mastodon > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-19 | CVE-2024-25623 | Unrestricted Upload of File with Dangerous Type vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.7 |
| 2024-02-14 | CVE-2024-25618 | Missing Authentication for Critical Function vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.4 |
| 2023-09-19 | CVE-2023-42450 | Unspecified vulnerability in Joinmastodon Mastodon 4.2.0 Mastodon is a free, open-source social network server based on ActivityPub. | 7.5 |
| 2023-09-19 | CVE-2023-42451 | Unspecified vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.5 |
| 2023-07-06 | CVE-2023-36461 | Unspecified vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.5 |
| 2022-12-04 | CVE-2022-46405 | Uncontrolled Recursion vulnerability in Joinmastodon Mastodon Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages. | 7.5 |