Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-1384

Опубликовано: 19 апр. 2022
Источник: debian
EPSS Низкий

Описание

Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mattermost-serveritppackage

EPSS

Процентиль: 55%
0.00326
Низкий

Связанные уязвимости

nvd логотип

CVE-2022-1384

CVSS3: 4.7
nvd
почти 4 года назад

Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities.

github логотип

GHSA-32rp-q37p-jg6w

CVSS3: 8.8
github
почти 4 года назад

Insecure plugin handling in Mattermost

EPSS

Процентиль: 55%
0.00326
Низкий