CVE-2024-24988

🗓️ 29 Feb 2024 08:06:28Reported by MattermostType

Mattermost emoji value length validation vulnerabilit

Reporter	Title	Published	Views	Family All 19
Circl	CVE-2024-24988	29 Feb 202409:26	–	circl
CNNVD	Mattermost Security Vulnerabilities	29 Feb 202400:00	–	cnnvd
Cvelist	CVE-2024-24988 Excessive resource consumption when sending long emoji names in user custom status	29 Feb 202408:06	–	cvelist
EUVD	EUVD-2024-0537	3 Oct 202520:07	–	euvd
Github Security Blog	Mattermost denial of service through long emoji value	29 Feb 202409:30	–	github
NVD	CVE-2024-24988	29 Feb 202408:15	–	nvd
OSV	BIT-MATTERMOST-2024-24988	11 Jan 202507:14	–	osv
OSV	CGA-H6HP-7CFM-2WHX	25 Sep 202401:54	–	osv
OSV	CGA-HM9Q-MFJH-PR3M	15 Jul 202422:00	–	osv
OSV	CGA-HXGX-RG66-HVQR	24 Jun 202414:34	–	osv

NVD

Node

mattermost mattermost_serverRange<8.1.8

mattermost mattermost_serverRange9.0.0–9.1.5

mattermost mattermost_serverRange9.2.0–9.2.4

[
  {
    "defaultStatus": "unaffected",
    "product": "Mattermost",
    "vendor": "Mattermost",
    "versions": [
      {
        "lessThanOrEqual": "9.2.4",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "8.1.8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "9.3.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "9.4.0"
      },
      {
        "status": "unaffected",
        "version": "9.3.1"
      },
      {
        "status": "unaffected",
        "version": "9.2.5"
      },
      {
        "status": "unaffected",
        "version": "8.1.9"
      }
    ]
  }
]

Source	Link
mattermost	www.mattermost.com/security-updates

10 Jan 2025 15:38Current

4.4Medium risk

Vulners AI Score4.4

CVSS 3.14.3 - 6.5

EPSS0.00404

SSVC

CWE-400