Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

arstechnica.com Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

Most critical of the bugs allowed attackers to root federated instances.

It looks like SDF's Mastodon instance (v4.0.2) is vulnerable, and requires patching to either 4.1.3 or 4.0.5. I don't want to back-seat admin, but I know the SDF crew have a lot on their plate. Are they aware of this vulnerability?

EDIT: The instance has now been updated to v4.0.5!
