x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-32h7-7j94-8fc2

In GitHub Security Advisory [GHSA-32h7-7j94-8fc2](https://github.com/advisories/GHSA-32h7-7j94-8fc2), there is a vulnerability in the following Go packages or modules:

| Unit | Fixed | Vulnerable Ranges |
| - | - | - |
| [github.com/mattermost/mattermost/server/v8](https://pkg.go.dev/github.com/mattermost/mattermost/server/v8) | 9.1.5 | >= 9.1.0, < 9.1.5 || [github.com/mattermost/mattermost/server/v8](https://pkg.go.dev/github.com/mattermost/mattermost/server/v8) | 9.2.4 | >= 9.2.0, < 9.2.4 || [github.com/mattermost/mattermost/server/v8](https://pkg.go.dev/github.com/mattermost/mattermost/server/v8) | 8.1.8 | < 8.1.8 |

Cross references:
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2182  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2183  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2184  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2390  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2444  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2446  EFFECTIVELY_PRIVATE
- Module github.com/mattermost/mattermost/server/v8 appears in issue #2450  EFFECTIVELY_PRIVATE


See [doc/triage.md](https://github.com/golang/vulndb/blob/master/doc/triage.md) for instructions on how to triage this report.

```
modules:
    - module: github.com/mattermost/mattermost/server/v8
      versions:
        - introduced: 9.1.0
          fixed: 9.1.5
      packages:
        - package: github.com/mattermost/mattermost/server/v8
    - module: github.com/mattermost/mattermost/server/v8
      versions:
        - introduced: 9.2.0
          fixed: 9.2.4
      packages:
        - package: github.com/mattermost/mattermost/server/v8
    - module: github.com/mattermost/mattermost/server/v8
      versions:
        - fixed: 8.1.8
      packages:
        - package: github.com/mattermost/mattermost/server/v8
summary: Mattermost vulnerable to denial of service via large number of emoji reactions
cves:
    - CVE-2024-1402
ghsas:
    - GHSA-32h7-7j94-8fc2
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2024-1402
    - web: https://mattermost.com/security-updates
    - fix: https://github.com/mattermost/mattermost/commit/64cb0ca8af2dbda1afcddd1604460591a4799b81
    - fix: https://github.com/mattermost/mattermost/commit/6d2440de9fd774b67e65e3aac4ab8b6ef9aba2d8
    - fix: https://github.com/mattermost/mattermost/commit/81190e2da128a6985914ea7023a69ac400513fc4
    - advisory: https://github.com/advisories/GHSA-32h7-7j94-8fc2

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-32h7-7j94-8fc2 #2541

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-32h7-7j94-8fc2 #2541

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions