Home > Vulnerability Database > CVE-2025-20072

Mend.io Vulnerability Database

CVE-2025-20072

Date: January 16, 2025

Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted malicious input.

Severity Score

6.5

Related Resources (3)

Url: https://mattermost.com/security-updates

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-20072

Url: https://www.mend.io/vulnerability-database/CVE-2025-20072

Severity Score

6.5

Weakness Type (CWE)

Incorrect Type Conversion or Cast

CWE-704

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-20072

Date: January 16, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?