Mastodon · Mastodon · CVE-2026-23963
**Name of the Vulnerable Software and Affected Versions**
- Mastodon versions prior to 4.5.5
- Mastodon versions prior to 4.4.12
- Mastodon versions prior to 4.3.18
**Description**
Mastodon, a free and open-source social network server based on ActivityPub, does not limit the length of names for lists or filters, or for filter keywords. This allows a user to set an excessively long string as a name or keyword, potentially causing disproportionate storage and computing resource usage. A user can render their own web interface unusable, though this requires intentional action or approval of a malicious API client.
**Recommendations**
- Update to Mastodon version 4.5.5 or later.
- Update to Mastodon version 4.4.12 or later.
- Update to Mastodon version 4.3.18 or later.