CVE-2024-34535
5.9MEDIUMIn Mastodon 4.1.6, API endpoint rate limiting can be bypassed by setting a crafted HTTP request header.
Veröffentlicht: 10/3/2024Aktualisiert: 5/6/2025
Beschreibung
In Mastodon 4.1.6, API endpoint rate limiting can be bypassed by setting a crafted HTTP request header.
KI-AnalyseKI-gestützt
Betroffene Produkte
joinmastodonmastodon
joinmastodonmastodon
Referenzen
- https://github.com/mastodon/mastodon/security/advisories/GHSA-q3rg-xx5v-4mxhThird Party Advisory
- https://github.com/mastodon/mastodon/tagsRelease Notes