Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service via Unbounded Memory Allocation in Integration Actions
Vulnerability Description
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 Mattermost fails to limit the size of responses from integration action endpoints, which allows an authenticated attacker to cause server memory exhaustion and denial of service via a malicious integration server that returns an arbitrarily large response when a user clicks an interactive message button.. Mattermost Advisory ID: MMSA-2026-00571
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
未经控制的内存分配
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 11.3.0及之前的11.3.x版本、11.2.2及之前的11.2.x版本和10.11.10及之前的10.11.x版本存在安全漏洞,该漏洞源于未能限制集成操作端点的响应大小,可能导致经过身份验证的攻击者通过恶意集成服务器返回任意大响应,造成服务器内存耗尽和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A