CVE-2023-48369: Uncontrolled Resource Consumption

November 27, 2023 (updated November 28, 2023)

Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log.

References

github.com/advisories/GHSA-3487-3j7c-7gwj
mattermost.com/security-updates
nvd.nist.gov/vuln/detail/CVE-2023-48369

Detect and mitigate CVE-2023-48369 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →