Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths https://mattermost.com/security-updates
Created purple-mattermost tracking bugs for this issue: Affects: epel-all [bug 2277332] Affects: fedora-all [bug 2277333]