GSA_kwCzR0hTQS04NjlmLXB4ODYtdmo4NM4AA-5V

Moderate EPSS: 0.00154% (0.36698 Percentile) EPSS:

Permalink JSON

Mattermost Plugin Channel Export excessive resource consumption

Affected Packages	Affected Versions	Fixed Versions
go:github.com/mattermost/mattermost-plugin-channel-export PURL: `pkg:go/github.com%2Fmattermost%2Fmattermost-plugin-channel-export`	< 1.0.1	1.0.1
0 Dependent packages 0 Dependent repositories Affected Version Ranges All affected versions v0.2.2, v1.0.0, v1.0.0-alpha-1 All unaffected versions v1.0.1, v1.2.0, v1.2.1

Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once.

References:

Identifiers

GHSA-869f-px86-vj84

CVE-2024-43105

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00154

EPSS Percentile: 0.36698

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/mattermost/mattermost-plugin-channel-export

Date and time

Published

over 1 year ago

Updated

20 days ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories