Mattermost Server Resource Exhaustion

GHSA-qqc8-rv37-79q5 · BIT-mattermost-2024-28053 · CVE-2024-28053 · GO-2024-3334

Published Mar 15, 2024 · Modified Dec 18, 2024

Description

Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-28053
ADVISORY https://github.com/advisories/GHSA-qqc8-rv37-79q5
PACKAGE https://github.com/mattermost/mattermost
WEB https://mattermost.com/security-updates

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes