Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-04-26T08:24:34.049Z
Updated: 2024-08-01T22:35:34.806Z
Reserved: 2024-04-10T09:53:47.697Z
Link: CVE-2024-22091
Vulnrichment
Updated: 2024-08-01T22:35:34.806Z
NVD
Status : Awaiting Analysis
Published: 2024-04-26T09:15:11.880
Modified: 2024-04-26T12:58:17.720
Link: CVE-2024-22091
Redhat