Mattermost fails to enforce a limit for the size of the...
High severity
Unreviewed
Published
Oct 9, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Oct 9, 2023
Published to the GitHub Advisory Database
Oct 9, 2023
Last updated
Apr 4, 2024
Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially crafted request to the /api/v4/opengraph filling the cache and turning the server unavailable.
References