Exploit Report

Computer Security And Bug Information


CVE Title
Published Date2022-09-23T15:15Z
Modified Date2022-09-26T22:23Z
CWE TypeCWE-434
DescriptionMattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://hackerone.com/reports/1620170
Reference DescriptionMISC https://hackerone.com/reports/1620170
Reference URLhttps://mattermost.com/security-updates/
Reference DescriptionMISC https://mattermost.com/security-updates/
TagsExploit Third Party Advisory

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles