CGA-8rhx-797w-c47m

Published

Last updated

https://images.chainguard.dev/security/CGA-8rhx-797w-c47m

Package

mattermost-10.5

RepositoryWolfi

Latest Update

Not affected

Aliases

CVE-2023-48268
GHSA-j4c3-3h73-74m9

Severity

Unknown

Summary

Mattermost Uncontrolled Resource Consumption vulnerability

Description

Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb).

References

https://nvd.nist.gov/vuln/detail/CVE-2023-48268
https://github.com/advisories/GHSA-j4c3-3h73-74m9
https://github.com/mattermost/mattermost
https://mattermost.com/security-updates

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-8rhx-797w-c47m

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources