VYPR
Unrated severityNVD Advisory· Published Dec 4, 2022· Updated Apr 24, 2025

CVE-2022-46405

CVE-2022-46405

Description

Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.