CNNVD-202601-2710 Information
CNNVD ID
CNNVD-202601-2710
Related CVE
- CNNVD Published: 2026-01-16
Description (Chinese)
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 10.11.8及之前的10.11.x版本、11.1.1及之前的11.1.x版本和11.0.6及之前的11.0.x版本存在安全漏洞,该漏洞源于未能防止API错误时的无限重新渲染,可能导致经过身份验证的用户通过触发无限制组件重新渲染循环来造成应用级拒绝服务。
Description (English)
Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Mattermust 10.11.8 and earlier versions 10.11.x, 11.1.1 and earlier versions 11.1.x and 11.0.6 and earlier versions 11.0.x, which stems from the failure to prevent unlimited retrofitting at the time of API error, which may result in application-level refusals by the user who has been identified by triggering a re-rendering cycle of unrestricted components.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2026-01-16
Last Modified
2026-02-24
References
https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-14435
Patch
https://mattermost.com/security-updates
Share on: