Show filters
22 Total Results
Displaying 21-22 of 22
Sort by:
Attacker Value
Unknown

CVE-2018-21018

Disclosure Date: September 22, 2019 (last updated November 27, 2024)
Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-5961

Disclosure Date: July 05, 2019 (last updated November 27, 2024)
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
0
View More Topics  < Previous