14 matches found
CVE-2026-27173
CVE-2026-27173 affects the Apache Airflow CNCF Kubernetes provider where JWT tokens used by workers in Kubernetes Executors can be exposed to users with read-only access to Kubernetes Pods. The issue arises from tokens being exposed in command-line arguments, potentially enabling read-only users ...
Mattermost Denial of Service Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial of service vulnerability that stems from not validating the uniqueness and number of task actions, which can be exploited by an attacker to cause a denial of service...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial Of Service DoS. The vulnerability is due to missing validation of uniqueness and quantity of task actions in the UpdateRunTaskActions GraphQL operation, allowing attackers to overload the server by submitting excessive actions...
SUSE CVE-2025-35965
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the validateUpdateTaskActions function used by the UpdateRunTaskActions GraphQL operation. Due to the lack of limitation on task action uniqueness and quantity, a user can cause an...
GO-2025-3643 Mattermost Playbooks fails to validate the uniqueness and quantity of task actions in github.com/mattermost/mattermost-plugin-playbooks
Mattermost Playbooks fails to validate the uniqueness and quantity of task actions in github.com/mattermost/mattermost-plugin-playbooks. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...
Mattermost Playbooks fails to validate the uniqueness and quantity of task actions
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
GHSA-689C-XQ7X-XJWF Mattermost Playbooks fails to validate the uniqueness and quantity of task actions
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
CVE-2025-35965
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
CVE-2025-35965
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
CVE-2025-35965 DoS in Mattermost Playbooks via Excessive Task Actions
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
CVE-2025-35965 DoS in Mattermost Playbooks via Excessive Task Actions
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific post...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial of service vulnerability that stems from not validating the uniqueness and number of task actions, which can be exploited by an attacker to cause a denial of service...
PT-2025-17701 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.10 Mattermost versions 10.4.x through 10.4.2 Mattermost versions 10.5.x through 10.5.0 Description: The issue arises from the failure to validate the uniqueness and quantity of task actions within the...