Описание
Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 14%
0.00047
Низкий
Связанные уязвимости
CVSS3: 3.1
nvd
19 дней назад
Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens
CVSS3: 3.1
github
19 дней назад
Mattermost is vulnerable to CPU exhaustion via crafted HTTP request
EPSS
Процентиль: 14%
0.00047
Низкий