CVE-2022-3147
published 2022-09-09CVE-2022-3147: Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost | unspecified – 7.0.x | — |
| mattermost | mattermost_server | < 7.1.0 | 7.1.0 |