- Description
- Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel.
- Source
- responsibledisclosure@mattermost.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- responsibledisclosure@mattermost.com
- CWE-1287
- Hype score
- Not currently trending
MediaTekが2月のセキュリティ更新を公開。無線LAN(WLAN) APにおいて複数(CVE-2025-20633, CVE-2025-20632, CVE-2025-20631)の深刻な脆弱性。境界チェックの不備に起因する遠隔コード実行。CVE-2025-20630はモデム等における境界外書き込み。機器製造元での更新確認を推奨。 https://t.co/ImOYiks68m
@__kokumoto
3 Feb 2025
496 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20630 Mattermost Mobile Denial of Service via Malformed Attachments https://t.co/jxgByHWeTe
@VulmonFeeds
16 Jan 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes