Home > Vulnerability Database > CVE-2024-28053

Mend.io Vulnerability Database

CVE-2024-28053

Good to know:

Date: March 15, 2024

Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server.

Language: Go

Severity Score

3.1

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-28053

Url: https://mattermost.com/security-updates

Url: https://www.mend.io/vulnerability-database/CVE-2024-28053

Severity Score

3.1

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

Top Fix

Upgrade Version

Upgrade to version v8.1.10,v9.5.0

Learn More

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-28053

Good to know:

Date: March 15, 2024

Language: Go

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?