Mobile Application Vulnerability in Mattermost Apps Affecting Android Devices
CVE-2025-1558

6.5MEDIUM

Key Information:

Vendor: Mattermost
Status: Mattermost
Vendor: CVE Published:; 24 March 2025

What is CVE-2025-1558?

A vulnerability in Mattermost Mobile Apps, specifically in versions prior to 2.25.0, allows for improper validation of GIF images. An attacker can exploit this weakness by sending a maliciously crafted GIF, which, when rendered in the application, may lead to instability and crashing of the Android app. This risk highlights the need for diligent security measures and prompt updates to ensure the integrity of user experiences.

Affected Version(s)

Mattermost Android 0 <= 2.25.0

Mattermost Android 2.26.0

Mattermost Android 2.25.1

References

https://mattermost.com/security-updates

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2025
Vulnerability Reserved
Feb 21, 2025

Credit

defalt47