~/cve/CVE-2017-18871

pipeline liveDigest Docs

CVE-2017-18871

published 2020-06-19

CVE-2017-18871: An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an…

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.

Affected

12 ranges

Vendor	Product	Version range	Fixed in
github.com	mattermost_mattermost-server	>= 0 < 4.2.2+incompatible	4.2.2+incompatible
github.com	mattermost_mattermost-server	>= 0 < 4.2.2	4.2.2
github.com	mattermost_mattermost-server	>= 4.3.0-rc1 < 4.3.4	4.3.4
github.com	mattermost_mattermost-server	>= 4.3.0-rc1+incompatible < 4.3.4+incompatible	4.3.4+incompatible
github.com	mattermost_mattermost-server	>= 4.4.0-rc1 < 4.4.5	4.4.5
github.com	mattermost_mattermost-server	>= 4.4.0-rc1+incompatible < 4.4.5+incompatible	4.4.5+incompatible
github.com	mattermost_mattermost-server	>= 4.5.0-rc1 < 4.5.0	4.5.0
github.com	mattermost_mattermost-server	>= 4.5.0-rc1+incompatible < 4.5.0+incompatible	4.5.0+incompatible
mattermost	mattermost_server	< 4.2.2	4.2.2
mattermost	mattermost_server	—	—
mattermost	mattermost_server	>= 4.3.0 < 4.3.4	4.3.4
mattermost	mattermost_server	>= 4.4.0 < 4.4.5	4.4.5