all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Mastodon has improper authorship check on audience extension for existing pos...

Add to bookmarks
July 5, 2024, 5:24 p.m. |

CVE | THREATINT - NEW cve.threatint.com

Mastodon is a self-hosted, federated microblogging platform. Starting in version 2.6.0 and prior to versions 4.1.18 and 4.2.10, by crafting specific activities, an attacker can extend the audience ...

attacker can check extension federated mastodon platform pos version

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

OpenVPN 2.6.10 and earlier in a server role accepts multiple exit notificatio... 2 hours ago | cve.threatint.com
clients exit notifications openvpn +3
Undertow: learningpushhandler can lead to remote memory dos attacksA vulnerab... 2 hours ago | cve.threatint.com
can config default disabled +6
Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticketA v... 3 hours ago | cve.threatint.com
body case client continue +5
Undici vulnerable to data leak when using response.arrayBuffer()Undici is an ... 3 hours ago | cve.threatint.com
client conditions data data leak +13
Botan has a Denial of Service Due to Excessive Name ConstraintsBotan is a C++... 3 hours ago | cve.threatint.com
can certificates check cryptography +10
/n software IPWorks SSH insufficient file access verificationThe /n software ... 4 hours ago | cve.threatint.com
access can certificate file +10
Denial of Service in aimhubio/aimA vulnerability in aimhubio/aim version 3.19... 4 hours ago | cve.threatint.com
aim attacker con configuring +8
Openssh: possible remote code execution due to a race condition in signal han... 5 hours ago | cve.threatint.com
authenticate client code code execution +12
URL Redirection to Arbitrary Site Exists in SitefinityThe user may be redirec... 6 hours ago | cve.threatint.com
may redirection url

Jobs in InfoSec / Cybersecurity

Find Talent

Sr. IT Internal Auditor

@ CCC Intelligent Solutions | Chicago (Green St), IL
View on infosec-jobs.com

Sr. Principal Product Manager

@ Forcepoint | USA - Remote
View on infosec-jobs.com

Principal Software Engineer

@ Rapid7 | NIS Belfast
View on infosec-jobs.com

Consultant as Network & Security Administrator ( Cloud Oriented )

@ Teamwork Corporate | Moka, Mauritius
View on infosec-jobs.com

Access Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 1000) client
View on infosec-jobs.com

Associate, Technology Audit

@ BlackRock | AT8 - 725 Ponce de Leon Ave NE, Atlanta
View on infosec-jobs.com