Mastodon · Mastodon · CVE-2023-49952
**Name of the Vulnerable Software and Affected Versions**
Mastodon versions 4.1.x through 4.1.16
Mastodon versions 4.2.x through 4.2.8
**Description**
The issue allows an attacker to bypass rate limiting by sending a crafted HTTP request header, circumventing the rate-limiting protections that would otherwise apply to the request.
**Recommendations**
For Mastodon versions 4.1.x through 4.1.16, update to version 4.1.17 or later.
For Mastodon versions 4.2.x through 4.2.8, update to version 4.2.9 or later.
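The following is an added example, not code from the advisory or from the Mastodon project, showing how an operator can check a reported version string against the affected ranges and fixed releases listed above. The version ranges are taken from the advisory text; the parsing helper, the function names and the conservative treatment of prerelease tags (a release candidate of the fixed version is counted as still affected) are this example's own assumptions.

```python
import re

# Ranges from the advisory text: series -> first fixed release.
# Every release in the series below the fixed release is affected.
FIXED_IN = {
    (4, 1): (4, 1, 17),
    (4, 2): (4, 2, 9),
}

# Accepts "4.2.8", "v4.2.8" or "4.2.9-rc1"; the optional prerelease suffix is captured.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?(-[0-9A-Za-z.]+)?$")


def version_key(v: str) -> tuple:
    """Turn a version string into a sortable tuple.

    The final element is 0 for a prerelease and 1 for a final release, so
    4.2.9-rc1 sorts before 4.2.9. This is an assumption of the example: a
    release candidate of the fix is treated as not yet fixed.
    """
    m = _VERSION_RE.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised Mastodon version string: {v!r}")
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch or 0), 0 if pre else 1)


def check_version(v: str) -> dict:
    """Classify a Mastodon version against CVE-2023-49952.

    status is "affected" (with the release to update to), "fixed", or
    "not listed" when the series does not appear in the advisory.
    """
    key = version_key(v)
    fixed = FIXED_IN.get(key[:2])
    if fixed is None:
        return {"version": v, "status": "not listed", "update_to": None}
    fixed_key = fixed + (1,)  # the fixed release is a final release
    if key < fixed_key:
        return {"version": v, "status": "affected",
                "update_to": ".".join(map(str, fixed))}
    return {"version": v, "status": "fixed", "update_to": None}


if __name__ == "__main__":
    # Constructed sample inputs covering both series, a prerelease and an unlisted series.
    for sample in ["4.1.16", "4.1.17", "4.2.3", "v4.2.9", "4.2.9-rc1", "4.3.0"]:
        print(sample, check_version(sample))
```

The version string to feed in is the one the instance itself reports (for example the `version` field of its `/api/v1/instance` response). A "not listed" result only means the series is outside the ranges the advisory names; it is not a statement that such a release is safe.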