CVE-2024-34535 Information

Description

In Mastodon 4.1.6 API endpoint rate limiting can be bypassed by setting a crafted HTTP request header.

Reference

https://github.com/mastodon/mastodon/tags https://github.com/mastodon/mastodon/security/advisories/GHSA-q3rg-xx5v-4mxh