Exploitation Summary
CVE-2022-0432 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0.
Nuclei Templates (1)
Mastodon Prototype Pollution Vulnerability
MEDIUM, by pikpikcu
References (2)
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7
Patch, Third Party Advisory x_refsource_misc
https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09
Scores
CVSS v3: 6.1
EPSS: 0.0447
EPSS Percentile: 90.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE: CWE-1321
Status: published
Products (1): joinmastodon/mastodon < 3.5.0
Published: Feb 02, 2022
Tracked Since: Feb 18, 2026