Unrated severityNVD Advisory· Published Dec 4, 2022· Updated Apr 24, 2025
CVE-2022-46405
CVE-2022-46405
Description
Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.
Affected products
3Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.