Lucene search
PRIOn knowledge basePRION:CVE-2024-1953HistoryFeb 29, 2024 - 11:15 a.m.
Cross site request forgery (csrf)
2024-02-2911:15:00
PRIOn knowledge base
www.prio-n.com
4
mattermost
csrf
api limitation
memory crash
http request
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request.
References
Related
osv
osv
CGA-25vp-ggq8-49x6
2024-06-24 14:34:05
Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server
2024-06-28 15:28:53
Mattermost fails to limit the number of role names
2024-02-29 12:31:06
veracode
veracode
Uncontrolled Resource Consumption
2024-03-03 11:14:22
cve
cve
CVE-2024-1953
2024-02-29 11:15:08
nvd
nvd
CVE-2024-1953
2024-02-29 11:15:08
cvelist
cvelist
CVE-2024-1953
2024-02-29 10:42:41
github
github
Mattermost fails to limit the number of role names
2024-02-29 12:31:06