CVE-2023-3614

Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file.

Published: Jul 17, 2023
Updated: Jul 27, 2023
CVE: CVE-2023-3614
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
mattermost / mattermost_server	7.10.0	7.10.3
mattermost / mattermost_server	7.9.0	7.9.5
mattermost / mattermost_server	-	7.8.7

https://mattermost.com/security-updates

Vulnerability Database

CVE-2023-3614