LeoBurr :veripawed:🦁🐻 on Nostr: PSA: It's been a week. Please check your Mastodon instance to see if it's running a ...
PSA: It's been a week. Please check your Mastodon instance to see if it's running a version prior to 3.5.9, 4.0.5, and 4.1.3. If so, it's susceptible to an attack in the wild that allows remote code execution via a toot, and you should get your admin to update ASAP.
Info on the CVE -
https://nvd.nist.gov/vuln/detail/CVE-2023-36460
Published at
2023-07-13 14:10:46Event JSON
{
"id": "1bc031a24eecb66484ec050eab3e37610b7703e97d2b44e20ae592cf368a14ed",
"pubkey": "864e11cccc54a4031d3db8ed8ae9edac96ad3c1219ebd3d0a17d5e7de9d57307",
"created_at": 1689257446,
"kind": 1,
"tags": [
[
"emoji",
"boost_ok",
"https://tiggi.es/system/custom_emojis/images/000/038/280/original/586d9147338a13f7.png"
],
[
"mostr",
"https://tiggi.es/users/LeoBurr/statuses/110707176035374953"
]
],
"content": "PSA: It's been a week. Please check your Mastodon instance to see if it's running a version prior to 3.5.9, 4.0.5, and 4.1.3. If so, it's susceptible to an attack in the wild that allows remote code execution via a toot, and you should get your admin to update ASAP.\n\nInfo on the CVE - https://nvd.nist.gov/vuln/detail/CVE-2023-36460\n\n:boost_ok:",
"sig": "2464483973c9b3688314cbe80076f803ea63ca0515c160372decbd581cb16da57c02cdd485aefd180d43be1a3a0b365848c3f3e25ca521e5406a392326fa6ebc"
}
