Lucene search
PRIOn knowledge basePRION:CVE-2024-1402HistoryFeb 09, 2024 - 4:15 p.m.
Code injection
2024-02-0916:15:00
PRIOn knowledge base
www.prio-n.com
4
code injection
mattermost
custom emojis
mobile app
security vulnerability
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mattermost_server | le | 8.1.7 | |
| mattermost_server | ge | 9.0.0 | |
| mattermost_server | le | 9.1.4 | |
| mattermost_server | ge | 9.2.0 | |
| mattermost_server | le | 9.2.3 |
References
Related
cnvd
cnvd
Mattermost Resource Management Error Vulnerability (CNVD-2024-09865)
2024-02-22 00:00:00
osv
osv
CVE-2024-1402
2024-02-09 16:15:07
CGA-xjf7-9r4q-527v
2024-06-24 14:34:07
cvelist
cvelist
nvd
nvd
CVE-2024-1402
2024-02-09 16:15:07
nessus
nessus
Mattermost Server < 8.1.8 / 9.x < 9.1.5 / 9.2.x < 9.2.4 (MMSA-2023-00276)
2024-02-14 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2024-1402
2024-02-09 16:15:07
veracode
veracode
Denial Of Service (DoS)
2024-02-12 06:42:43
github
github