Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as 4.0.x versions prior to 4.0.13, 4.1.x versions prior to 4.1.13, and 4.2.x versions prior to 4.2.5.
History
Fri, 08 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | | ssvc |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-02-01T16:18:03.528Z
Updated: 2024-11-08T15:46:29.585Z
Reserved: 2024-01-22T22:23:54.340Z
Link: CVE-2024-23832
Vulnrichment
Updated: 2024-08-01T23:13:08.481Z
NVD
Status: Modified
Published: 2024-02-01T17:15:10.677
Modified: 2024-11-21T08:58:31.150
Link: CVE-2024-23832
Redhat
No data.