{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T00:45:47.774","vulnerabilities":[{"cve":{"id":"CVE-2023-48268","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2023-11-27T10:15:08.217","lastModified":"2024-11-21T08:31:22.667","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb).\n\n"},{"lang":"es","value":"Mattermost no limita la cantidad de datos extraídos de archivos comprimidos durante la importación de tableros en Mattermost Boards, lo que permite a un atacante consumir recursos excesivos, lo que posiblemente lleve a una denegación de servicio, al importar un tablero usando un zip (bomba zip) especialmente manipulado."}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*","versionEndIncluding":"7.8.12","matchCriteriaId":"BAEFCB9C-4CFC-4C2D-B53D-4A1E9B54E744"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndIncluding":"8.1.3","matchCriteriaId":"7CFE72E8-D2A6-4994-88F6-2B04DB413631"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.0.1","matchCriteriaId":"DF5E1B7D-7237-4464-9873-0A85C80CC76A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost:9.1.0:*:*:*:*:*:*:*","matchCriteriaId":"9D960BDC-FB30-4112-B1CC-219D1EC32145"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]},{"url":"https://mattermost.com/security-updates","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}