[MEDIUM] Pixelfed may allow unauthorized actor to view private posts and private users

PKSA-brgp-r3z9-1w4p CVE-2025-30741 GHSA-7287-grhx-542x

Affected version: <0.12.5

Reported by:
GitHub

[MEDIUM] Pixelfed may allow unauthorized actor to view private posts

PKSA-1q5n-7dm3-hpym CVE-2023-0914 GHSA-qh6w-pq52-qxxq

Affected version: <=0.11.4

Reported by:
GitHub

[MEDIUM] Pixelfed allows user enumeration via reset password functionality

PKSA-gdgg-v7n6-gzsx CVE-2023-0901 GHSA-vjxx-jgcx-9fq2

Affected version: <=0.11.4

Reported by:
GitHub