Security Advisories - pixelfed/pixelfed - Packagist

pixelfed/pixelfed Security Advisories for v0.11.7 (1)

[CRITICAL] Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions

PKSA-bgxg-jhn7-yhxd CVE-2024-25108 GHSA-gccq-h3xj-jgvf

Affected version: >=0.10.4,<0.11.11

Reported by:
GitHub