[GHSA-59hf-mpf8-pqjh] Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8...

[c0rydoras]

Updates

• Affected products
• CVSS v3
• CWEs
• Description
• References
• Severity
• Source code location
• Summary

Comments

• CVSS: use CVSS from NVD https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-47003&vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&version=3.1&source=NIST

• CWE: this is in not Uncontrolled Resource Consumption

• add affected products from description

• adjust description of vulnerability and not just DoS (see https://github.com/c0rydoras/cves/tree/main/CVE-2024-47003)

• add fixes to references

[advisory-database[bot]]

Hi @c0rydoras! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!