Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service via Opengraph Data Cache
Vulnerability Description
Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially crafted request to the /api/v4/opengraph filling the cache and turning the server unavailable.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 存在安全漏洞,该漏洞源于在处理OpenGraph数据缓存时未能强制限制缓存条目的大小,导致攻击者可以发送特殊构造的请求到/api/v4/opengraph接口,填充缓存并使服务器无法使用。
CVSS Information
N/A
Vulnerability Type
N/A