Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1xcWM4LXJ2MzctNzlxNc4AA6BG

Low EPSS: 0.00056% (0.17456 Percentile) EPSS:
Permalink JSON

Mattermost Server Resource Exhaustion

Affected Packages Affected Versions Fixed Versions
go:github.com/mattermost/mattermost-server/v6
PURL: pkg:go/github.com%2Fmattermost%2Fmattermost-server%2Fv6
< 0.0.0-20240209181221-674f549daf0e 0.0.0-20240209181221-674f549daf0e
111 Dependent packages
168 Dependent repositories

Affected Version Ranges

All affected versions

All unaffected versions

6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.5.0, 6.5.1, 6.5.2, 6.6.0, 6.6.1, 6.6.2, 6.7.0, 6.7.1, 6.7.2
go:github.com/mattermost/mattermost-server/v5
PURL: pkg:go/github.com%2Fmattermost%2Fmattermost-server%2Fv5
< 0.0.0-20240209181221-674f549daf0e 0.0.0-20240209181221-674f549daf0e
215 Dependent packages
280 Dependent repositories

Affected Version Ranges

All affected versions

All unaffected versions

5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1.0, 5.1.1, 5.1.2, 5.2.0, 5.2.1, 5.2.2, 5.3.0, 5.3.1, 5.4.0, 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.7.0, 5.7.1, 5.7.2, 5.7.3, 5.8.0, 5.8.1, 5.8.2, 5.9.0, 5.9.1, 5.9.2, 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.10.0, 5.10.1, 5.10.2, 5.11.0, 5.11.1, 5.12.0, 5.12.1, 5.12.2, 5.12.3, 5.12.4, 5.12.5, 5.12.6, 5.13.0, 5.13.1, 5.13.2, 5.13.3, 5.14.0, 5.14.1, 5.14.2, 5.14.3, 5.14.4, 5.14.5, 5.15.0, 5.15.1, 5.15.2, 5.15.3, 5.15.4, 5.15.5, 5.16.0, 5.16.1, 5.16.2, 5.16.3, 5.16.4, 5.16.5, 5.17.0, 5.17.1, 5.17.2, 5.17.3, 5.18.0, 5.18.1, 5.18.2, 5.19.0, 5.19.1, 5.19.2, 5.19.3, 5.20.0, 5.20.1, 5.20.2, 5.21.0, 5.22.0, 5.22.1, 5.22.2, 5.22.3, 5.23.0, 5.23.1, 5.23.2, 5.24.0, 5.24.1, 5.24.2, 5.24.3, 5.25.0, 5.25.1, 5.25.2, 5.25.3, 5.25.4, 5.25.5, 5.25.6, 5.26.0, 5.26.1, 5.26.2, 5.27.0, 5.27.1, 5.27.2, 5.28.0, 5.28.1, 5.28.2, 5.29.0, 5.29.1, 5.29.2, 5.30.0, 5.30.1, 5.30.2, 5.30.3, 5.31.0, 5.31.1, 5.31.2, 5.31.3, 5.31.4, 5.31.5, 5.31.6, 5.31.7, 5.31.8, 5.31.9, 5.32.0, 5.32.1, 5.33.0, 5.33.1, 5.33.2, 5.33.3, 5.33.4, 5.33.5, 5.34.0, 5.34.1, 5.34.2, 5.34.3, 5.34.4, 5.34.5, 5.35.0, 5.35.1, 5.35.2, 5.35.3, 5.35.4, 5.35.5, 5.36.0, 5.36.1, 5.36.2, 5.37.0, 5.37.1, 5.37.2, 5.37.3, 5.37.4, 5.37.5, 5.37.6, 5.37.7, 5.37.8, 5.37.9, 5.37.10, 5.38.0, 5.38.1, 5.38.2, 5.38.3, 5.38.4, 5.39.0, 5.39.1, 5.39.2, 5.39.3
go:github.com/mattermost/mattermost-server
PURL: pkg:go/github.com%2Fmattermost%2Fmattermost-server
< 0.0.0-20240209181221-674f549daf0e 0.0.0-20240209181221-674f549daf0e
131 Dependent packages
122 Dependent repositories

Affected Version Ranges

All affected versions

All unaffected versions

0.5.0, 0.6.0, 1.0.0, 1.1.0, 1.1.1, 1.2.1, 1.3.0, 1.4.0, 2.0.0, 2.1.0, 2.2.0, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.1.0, 3.2.0, 3.3.0, 3.4.0, 3.5.0, 3.5.1, 3.5.2, 3.5.3, 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.7.5, 3.7.6, 3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.9.0, 3.9.1, 3.9.2, 3.10.0, 3.10.1, 3.10.2, 3.10.3, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.1.0, 4.1.1, 4.1.2, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.5.0, 4.5.1, 4.5.2, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.8.0, 4.8.1, 4.8.2, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.10.0, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.5, 4.10.6, 4.10.7, 4.10.8, 4.10.9, 4.10.10, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1.0, 5.1.1, 5.1.2, 5.2.0, 5.2.1, 5.2.2, 5.3.0, 5.3.1, 5.4.0, 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.7.0, 5.7.1, 5.7.2, 5.7.3, 5.8.0, 5.8.1, 5.8.2, 5.9.0, 5.9.1, 5.9.2, 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.10.0, 5.10.1, 5.10.2, 5.11.0, 5.11.1, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.9, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.3.0, 9.3.1, 9.3.2, 9.3.3, 9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.4.4, 9.4.5, 9.5.0, 9.5.1, 9.5.2, 9.5.3, 9.6.0, 9.6.1
go:github.com/mattermost/mattermost/server/v8
PURL: pkg:go/github.com%2Fmattermost%2Fmattermost%2Fserver%2Fv8
< 0.0.0-20240209181221-674f549daf0e 0.0.0-20240209181221-674f549daf0e
2 Dependent packages
1 Dependent repositories

Affected Version Ranges

All affected versions

All unaffected versions

Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server.

References:

Identifiers

GHSA-qqc8-rv37-79q5

CVE-2024-28053

Risk

Severity

Low

EPSS

EPSS Percentage: 0.00056

EPSS Percentile: 0.17456

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Date and time

Published

over 1 year ago

Updated

9 months ago

API

JSON