apk package
wolfi/mattermost-10.10-compat
pkg:apk/wolfi/mattermost-10.10-compat
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58187 | — | < 10.10.3-r2 | 10.10.3-r2 | Oct 29, 2025 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. | ||
| CVE-2025-11579 | — | < 10.10.3-r1 | 10.10.3-r1 | Oct 10, 2025 | github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash. | ||
| CVE-2025-47907 | — | < 10.10.1-r2 | 10.10.1-r2 | Aug 7, 2025 | Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex | ||
| CVE-2022-4045 | — | < 0 | 0 | Nov 23, 2022 | A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data. | ||
| CVE-2022-4019 | — | < 0 | 0 | Nov 23, 2022 | A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints. |
- CVE-2025-58187Oct 29, 2025affected < 10.10.3-r2fixed 10.10.3-r2
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
- CVE-2025-11579Oct 10, 2025affected < 10.10.3-r1fixed 10.10.3-r1
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash.
- CVE-2025-47907Aug 7, 2025affected < 10.10.1-r2fixed 10.10.1-r2
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex
- CVE-2022-4045Nov 23, 2022affected < 0fixed 0
A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data.
- CVE-2022-4019Nov 23, 2022affected < 0fixed 0
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints.