Описание
Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 39%
0.00167
Низкий
Связанные уязвимости
CVSS3: 6.5
nvd
больше 1 года назад
Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users.
CVSS3: 6.5
github
больше 1 года назад
Mattermost Uncontrolled Resource Consumption vulnerability
EPSS
Процентиль: 39%
0.00167
Низкий