Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
Thu, 12 Dec 2024 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mattermost
Mattermost mattermost Server |
|
Weaknesses | CWE-770 | |
CPEs | cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mattermost
Mattermost mattermost Server |
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-04-05T08:14:09.878Z
Updated: 2024-09-03T18:35:47.389Z
Reserved: 2024-04-03T10:03:48.285Z
Link: CVE-2024-28949
Vulnrichment
Updated: 2024-08-02T01:03:51.100Z
NVD
Status : Analyzed
Published: 2024-04-05T09:15:09.497
Modified: 2024-12-12T21:38:08.237
Link: CVE-2024-28949
Redhat
No data.