Mastodon Denial-of-Service Vulnerability in Quote Authorization

Vulnerability

A denial-of-service vulnerability has been identified in Mastodon, a social network server based on ActivityPub. It affects Mastodon versions 4.5.x prior to 4.5.8 and 4.4.x prior to 4.4.15. An attacker who is aware of a quote before a server has processed it can disrupt the proper handling of that quote on that server. Mastodon versions 4.3 and earlier are not vulnerable, as they do not support quotes.

Impact

Exploitation of this vulnerability prevents quotes from being correctly processed on the affected server.

Remediation

Users can upgrade to Mastodon versions 4.5.8 or 4.4.15 to address this vulnerability.
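
To check a fleet against the version ranges above, the following sketch classifies a server from the `version` field of its instance API response (for example `/api/v2/instance`). It is an added example, not code from the Mastodon project; the function names and sample responses are constructed, and it assumes fork build metadata after `+` can be ignored and that branches the advisory does not mention are reported as unknown.

```python
import json
import re

# Fixed patch level per release branch, taken from the advisory text.
FIXED_PATCH = {(4, 5): 8, (4, 4): 15}
FIRST_QUOTE_BRANCH = (4, 4)  # 4.3 and earlier do not support quotes

# major.minor.patch, optional "-prerelease"; "+build" metadata is ignored.
VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?")


def classify(version):
    """Return 'affected', 'fixed', 'not_affected' or 'unknown'."""
    m = VERSION_RE.match(version or "")
    if not m:
        return "unknown"
    major, minor, patch = int(m.group(1)), int(m.group(2)), int(m.group(3))
    branch = (major, minor)
    if branch < FIRST_QUOTE_BRANCH:
        return "not_affected"
    if branch not in FIXED_PATCH:
        return "unknown"  # branch is not mentioned in the advisory
    fixed = FIXED_PATCH[branch]
    # Assumption: a pre-release of the fixed version (e.g. 4.5.8-rc.1) is
    # ordered before it, as in semver, and is treated as affected.
    if patch < fixed or (patch == fixed and m.group(4)):
        return "affected"
    return "fixed"


def classify_instance(instance_json):
    """Classify a server from the JSON body of its instance API response."""
    try:
        doc = json.loads(instance_json)
    except ValueError:
        return "unknown"
    version = doc.get("version") if isinstance(doc, dict) else None
    return classify(version if isinstance(version, str) else "")


# Constructed sample responses, not captured from real servers.
SAMPLES = {
    "a.example": '{"domain": "a.example", "version": "4.5.7"}',
    "b.example": '{"domain": "b.example", "version": "4.4.15"}',
    "c.example": '{"domain": "c.example", "version": "4.3.12+fork"}',
    "d.example": '{"domain": "d.example", "version": "4.6.0-alpha.3"}',
}

if __name__ == "__main__":
    for host, body in SAMPLES.items():
        print(host, classify_instance(body))
```

Servers reported as unknown need a manual check against the vendor's release notes.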

Added: Mar 27, 2026, 8:27 PM
Updated: Mar 27, 2026, 8:27 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 4.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.