GHSA-xvq6-h898-wcj8, CVE-2023-5967
go/github.com/mattermost/mattermost/server/v8
Mattermost denial of service vulnerability
Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin
All versions starting from 8.0.0 before 8.0.4, all versions starting from 8.1.0 before 8.1.3, version 9.0.0
Upgrade to versions 8.0.4, 8.1.3, 9.0.1 or above.
2023-11-09
source |