Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially crafted request to the /api/v4/opengraph filling the cache and turning the server unavailable.
References
Link | Resource |
---|---|
https://mattermost.com/security-updates | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Mattermost
Published: 2023-10-09T10:38:39.415Z
Updated: 2023-10-09T10:38:39.415Z
Reserved: 2023-10-02T10:48:43.542Z
Link: CVE-2023-5330
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-09T11:15:11.197
Modified: 2023-10-12T18:31:55.587
Link: CVE-2023-5330
JSON object: View
Redhat Information
No data.