CVE-2022-1982

🗓️ 02 Jun 2022 17:03:07Reported by MattermostType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 81 Views

Uncontrolled resource consumption in Mattermost v6.6.0 & earlier, causing server crash via crafted SVG attachment

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2022-1982	2 Jun 202218:15	–	attackerkb
Circl	CVE-2022-1982	2 Jun 202222:25	–	circl
CNNVD	Mattermost 资源管理错误漏洞	2 Jun 202200:00	–	cnnvd
CNVD	Mattermost Resource Management Error Vulnerability (CNVD-2022-65349)	8 Jun 202200:00	–	cnvd
Cvelist	CVE-2022-1982 A crafted SVG attachment can crash a Mattermost server	2 Jun 202217:03	–	cvelist
EUVD	EUVD-2022-6058	3 Oct 202520:07	–	euvd
Github Security Blog	Uncontrolled Resource Consumption in Mattermost server	3 Jun 202200:00	–	github
NVD	CVE-2022-1982	2 Jun 202218:15	–	nvd
OSV	BIT-MATTERMOST-2022-1982	6 Mar 202411:03	–	osv
OSV	GHSA-GWPF-95JC-63RV Uncontrolled Resource Consumption in Mattermost server	3 Jun 202200:00	–	osv

NVD

Node

mattermost mattermost_serverRange5.0.0–6.3.8

mattermost mattermost_serverRange6.4.0–6.4.3

mattermost mattermost_serverMatch6.5.0

mattermost mattermost_serverMatch6.6.0

[
  {
    "product": "Mattermost",
    "vendor": "Mattermost",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.x 6.5.0"
      },
      {
        "status": "affected",
        "version": "6.6.x 6.6.0"
      },
      {
        "lessThanOrEqual": "5.39",
        "status": "affected",
        "version": "5.x",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.3.7",
        "status": "affected",
        "version": "6.x",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "6.4.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
mattermost	www.mattermost.com/security-updates/

21 Nov 2024 06:41Current

5Medium risk

Vulners AI Score5

CVSS 24

CVSS 3.14.3 - 6.5

EPSS0.00427

SSVC

CWE-400