Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-vnm9-vzva-ubf9
SummaryMattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops.
Aliases
0
alias CVE-2025-14435
1
alias GHSA-mx8m-v8qm-xwr8
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14435
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05972
published_at 2026-06-12T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05963
published_at 2026-06-13T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05949
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14435
1
reference_url https://github.com/mattermost/mattermost
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mattermost/mattermost
2
reference_url https://github.com/mattermost/mattermost/commit/613bb616cd62c584a606919e6978688e7b87d81e
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mattermost/mattermost/commit/613bb616cd62c584a606919e6978688e7b87d81e
3
reference_url https://github.com/mattermost/mattermost/commit/9f7629504bc93f79af8d606329c025a687e143cd
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mattermost/mattermost/commit/9f7629504bc93f79af8d606329c025a687e143cd
4
reference_url https://github.com/mattermost/mattermost/commit/cc6b77b271324796b72f1e6b82dba85a86462f9f
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mattermost/mattermost/commit/cc6b77b271324796b72f1e6b82dba85a86462f9f
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14435
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14435
6
reference_url https://pkg.go.dev/vuln/GO-2026-4326
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2026-4326
7
reference_url https://mattermost.com/security-updates
reference_id security-updates
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T14:08:48Z/
url https://mattermost.com/security-updates
Weaknesses
0
cwe_id 770
name Allocation of Resources Without Limits or Throttling
description The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
Exploits
Severity_range_score4.0 - 6.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-vnm9-vzva-ubf9