Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
(browse all)
Permalink CVE-2025-14435
updated 1 month ago by @LeSuisse Activity log
  • Created automatic suggestion 1 month ago
  • @LeSuisse removed
    5 packages
    • python312Packages.mattermostdriver
    • python313Packages.mattermostdriver
    • mattermost-desktop
    • mattermostLatest
    • mattermost
    1 month ago
  • @LeSuisse added
    2 packages
    • mattermostLatest
    • mattermost
    1 month ago
  • @LeSuisse dismissed 1 month ago
Application-Level DoS via infinite re-render loop in user profile handling

Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops.

Affected products

Mattermost
  • ==11.0.7
  • =<11.0.6
  • ==11.2.0
  • =<10.11.8
  • ==10.11.9
  • =<11.1.1
  • ==11.1.2

Matching in nixpkgs

pkgs.mattermost

Mattermost is an open source platform for secure collaboration across the entire software development lifecycle

pkgs.mattermostLatest

Mattermost is an open source platform for secure collaboration across the entire software development lifecycle

Package maintainers

Already fixed in unstable and stable branches.