Описание
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the specially crafted attachment
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.23.0 (исключая)
cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00311
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-1287
Связанные уязвимости
CVSS3: 4.3
github
около 1 года назад
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the specially crafted attachment
EPSS
Процентиль: 54%
0.00311
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-1287