Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-2406

Опубликовано: 14 июл. 2022
Источник: debian
EPSS Низкий

Описание

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mattermost-serveritppackage

EPSS

Процентиль: 62%
0.00427
Низкий

Связанные уязвимости

CVSS3: 4.3
nvd
около 3 лет назад

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API.

CVSS3: 6.5
github
около 3 лет назад

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API.

EPSS

Процентиль: 62%
0.00427
Низкий