Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.
References
History

Thu, 12 Dec 2024 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Mattermost
Mattermost mattermost Server
Weaknesses CWE-770
CPEs cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
Vendors & Products Mattermost
Mattermost mattermost Server

cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-04-05T08:14:09.878Z

Updated: 2024-09-03T18:35:47.389Z

Reserved: 2024-04-03T10:03:48.285Z

Link: CVE-2024-28949

cve-icon Vulnrichment

Updated: 2024-08-02T01:03:51.100Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-05T09:15:09.497

Modified: 2024-12-12T21:38:08.237

Link: CVE-2024-28949

cve-icon Redhat

No data.