Ember-Ruby

**Name of the Vulnerable Software and Affected Versions** Mastodon versions prior to 4.3.18 Mastodon versions prior to 4.4.12 Mastodon versions prior to 4.5.5 **Description** Mastodon is a free, open-source social network server based on ActivityPub. Versions of Mastodon prior to 4.3.18, 4.4.12, and 4.5.5 do not limit the maximum number of poll options for remote posts. This allows attackers to create polls with a very large number of options, which can significantly increase resource consumption. An attacker can cause disproportionate resource usage in both Mastodon servers and clients, potentially leading to a Denial of Service, either server-side or client-side. **Recommendations** Update to Mastodon version 4.3.18 or later. Update to Mastodon version 4.4.12 or later. Update to Mastodon version 4.5.5 or later.