CVE-2023-3614

LOW3.3EPSS 0.09%

發布日:2024/3/6修改日:2025/4/3

描述

Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file.

受影響套件(1)

Bitnami/mattermostfrom 0, < 7.8.7, >= 7.9.0, < 7.9.5, >= 7.10.0, < 7.10.3

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	LOW3.3	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

參考連結(2)

WEBhttps://mattermost.com/security-updates
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2023-3614