CNNVD-202512-3263 Information

CNNVD ID

CNNVD-202512-3263

Related CVE

CVE-2025-12689

• CNNVD Published: 2025-12-17

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 11.0.4及之前的11.0.x版本、10.12.2及之前的10.12.x版本和10.11.6及之前的10.11.x版本存在安全漏洞，该漏洞源于未检查WebSocket请求字段的UTF-8格式，可能导致通过发送畸形请求使Calls插件崩溃。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. 11.0.4 and earlier versions 11.0.x, 10.12.2 and preceding versions 10.12.x and 10.1.6 and preceding versions 10.11.x have security loopholes, which stem from UTF-8 format that failed to check the WebSocket request field and could lead to the collapse of the Calls plugin by sending a deformity request.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2025-12-17

Last Modified

2026-02-24

References

https://mattermost.com/security-updates

Patch

https://mattermost.com/security-updates/