Security
Headlines

Headlines Latest CVEs

Headline

GHSA-m7w4-q5vg-5xfp: Mattermost subject to Denial of Service via upload of special GIF

Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.

2 years ago

#dos #git #auth

Mattermost subject to Denial of Service via upload of special GIF

Moderate severity GitHub Reviewed Published Sep 25, 2022 • Updated Sep 28, 2022

Related news

Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.

2 years ago

ghsa: Latest News

GHSA-w5rq-g9r6-vrcg: @dapperduckling/keycloak-connector-server has Reflected XSS Vulnerability in Authentication Flow URL Handling

1 hour ago

GHSA-q4xm-6fjc-5f6w: sigstore-java has vulnerability with bundle verification

2 hours ago

GHSA-v7vm-rhmg-8j2r: Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API

2 hours ago

GHSA-2xcc-vm3f-m8rw: @lobehub/chat Server Side Request Forgery vulnerability

3 hours ago

GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

20 hours ago