Mattermost Mobile Apps Denial-of-Service Vulnerability via Crafted Attachment Names

Vulnerability

A denial-of-service vulnerability has been identified in Mattermost Mobile Apps, affecting versions through 2.22.0. The apps do not properly handle specially crafted attachment names. This flaw allows an attacker to crash the mobile app for any user who opens a channel containing the affected attachment.

Impact

Exploiting this vulnerability leads to a crash of the Mattermost mobile app for users who open a channel containing the specially crafted attachment.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 4.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.