Moderate severityNVD Advisory· Published Apr 13, 2022· Updated Dec 6, 2024
OOM DoS in Mattermost image proxy
CVE-2022-1337
Description
The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/mattermost/mattermost-server/v6Go | < 6.4.2 | 6.4.2 |
Affected products
3- osv-coords2 versions
>= 5.37.0, < 5.37.9+ 1 more
- (no CPE)range: >= 5.37.0, < 5.37.9
- (no CPE)range: < 6.4.2
- Range: 6.4
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-f37q-q7p2-ccfcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-1337ghsaADVISORY
- mattermost.com/security-updatesghsaWEB
- mattermost.com/security-updates/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.