CVE-2023-2831

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 16, 2023

Updated: Jun 26, 2023

CWE ID 416

Summary

CVE-2023-2831 is a Denial of Service vulnerability affecting Mattermost. The issue arises due to Mattermost's inability to unescape Markdown strings in an efficient manner. An attacker can exploit this flaw by sending a message with a large number of escaped characters, causing the application to consume excessive memory and ultimately leading to a crash. This can result in a Denial of Service condition for the affected Mattermost instance.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Haxx Curl
MacOS

Affected Vendors

Apple
Haxx

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rQvZGh
https://www.cve.org/CVERecord?id=CVE-2023-2831
https://nvd.nist.gov/vuln/detail/CVE-2023-2831

Back to Vulnerability Database