Описание
Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted malicious input.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.23.0 (исключая)
cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-704
Связанные уязвимости
CVSS3: 6.5
github
около 1 года назад
Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted malicious input.
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-704