8 matches found
CVE-2023-48268
Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip zip bomb...
CVE-2023-48268 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
CVE-2023-48268
creationtimestamp| type| source ---|---|--- 2023-12-16 20:22:56+00:00| seen| https://t.me/ctinow/155468...
CVE-2023-48268
Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip zip bomb...
CVE-2023-48268 Denial of Service via Board Import Zip Bomb
Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip zip bomb...
CVE-2023-48268 Denial of Service via Board Import Zip Bomb
Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip zip bomb...
CVE-2023-48268
CVE-2023-48268: Mattermost Boards import can be exploited via a specially crafted zip to exhaust resources during archive extraction, causing Denial of Service. The accessible connected sources indicate the issue stems from failing to limit data extracted from compressed archives during board imp...
Mattermost Server < 7.8.13 / 8.x < 8.1.4 / 9.0.x < 9.0.2 / 9.1.0 Multiple Vulnerabilities
The version of Mattermost Server running on the remote host is prior to 7.8.13, 8.x prior to 8.1.4, 9.0.x prior to 9.0.2 or 9.1.x prior to 9.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2023-00218, MMSA-2023-00219, MMSA-2023-00233, MMSA-2023-00241,...