Skip to main content

Out-of-bounds Write

CVE-2022-0904

Severity Medium
Score 6.5/10

Summary

A stack overflow bug in the document extractor in Mattermost Server in versions 5.35.x prior to 5.37.8, 6.0.x, 6.1.x prior to 6.1.3, 6.2.x prior to 6.2.3 and 6.3.x prior to 6.3.3 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages document.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-787 - Out-of-Bounds Write

Out-of-bounds write vulnerability is a memory access bug that allows software to write data past the end or before the beginning of the intended buffer. This may result in the corruption of data, a crash, or arbitrary code execution.

Advisory Timeline

  • Published