Mastodon: two highly dangerous vulnerabilities discovered
In its series “Code Analysis of Open Source Software” (CAOS for short), the BSI has examined software for its security. It discovered two highly dangerous vulnerabilities in the Twitter and X alternative Mastodon. The BSI launched the “Code Analysis of Open Source Software” (CAOS for short) project in 2021. The aim of the project is to subject various open source software to a code analysis. The focus is on user software that is increasingly used by authorities or society. The code analysis is intended to strengthen confidence in the security properties of the product and to identify any…