Описание
Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths
A flaw was found in Mattermost, where it failed to limit the size of a request path that includes user inputs. This flaw allows an attacker to cause excessive resource consumption, possibly leading to a denial of service (DoS) via sending large request paths.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/acm-grafana-rhel8 | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-docs-rhel8 | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-main-rhel8 | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-rhel8-operator | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-roxctl-rhel8 | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-scanner-db-rhel8 | Fix deferred | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-scanner-rhel8 | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-grafana | Not affected |
Показывать по
Дополнительная информация
Статус:
3.1 Low
CVSS3
Связанные уязвимости
Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths
Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 an ...
Mattermost fails to limit the size of a request path
3.1 Low
CVSS3