x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-f37q-q7p2-ccfc

In GitHub Security Advisory [GHSA-f37q-q7p2-ccfc](https://github.com/advisories/GHSA-f37q-q7p2-ccfc), there is a vulnerability in the following Go packages or modules:

| Unit | Fixed | Vulnerable Ranges |
| - | - | - |
| [github.com/mattermost/mattermost-server/v6](https://pkg.go.dev/github.com/mattermost/mattermost-server/v6) | 6.4.2 | < 6.4.2 |

See [doc/triage.md](https://github.com/golang/vulndb/blob/master/doc/triage.md) for instructions on how to triage this report.

```
packages:
  - package: github.com/mattermost/mattermost-server/v6
    versions:
      - fixed: 6.4.2
description: The image proxy component in Mattermost version 6.4.1 and earlier allocates
    memory for multiple copies of a proxied image, which allows an authenticated attacker
    to crash the server via links to very large image files.
published: 2022-04-14T00:00:17Z
last_modified: 2022-04-26T13:05:38Z
cves:
  - CVE-2022-1337
ghsas:
  - GHSA-f37q-q7p2-ccfc
links:
    context:
      - https://github.com/advisories/GHSA-f37q-q7p2-ccfc

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-f37q-q7p2-ccfc #595

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-f37q-q7p2-ccfc #595

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions