CVE-2025-0476
published 2025-01-16CVE-2025-0476: Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNINAL
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the specially crafted attachment
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost | <= 2.22.0 | — |
| mattermost | mattermost_mobile | < 2.23.0 | 2.23.0 |
| msrc | azl3_vte291_0.74.2-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_vte291_0.74.2-7_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_vte291_0.66.2-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_vte291_0.66.2-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |