CVE-2022-4045

Denial of service in Mattermost in go/github.com/mattermost/mattermost-server

Identifiers

GHSA-v42f-hq78-8c5m, CVE-2022-4045

Package Slug

go/github.com/mattermost/mattermost-server

Vulnerability

Denial of service in Mattermost

Description

A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data.

Affected Versions

All versions before 7.1.4, all versions starting from 7.2.0 before 7.2.1, all versions starting from 7.3.0 before 7.3.1

Solution

Upgrade to versions 7.1.4, 7.2.1, 7.3.1 or above.

Last Modified

2022-11-24

source