Описание
Mattermost Server has low entropy for authorization data as an OAuth 2.0 Service Provider
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.
Пакеты
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
< 4.1.2
4.1.2
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
>= 4.2.0-rc1, < 4.2.1
4.2.1
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
>= 4.3.0-rc1, < 4.3.0
4.3.0
Связанные уязвимости
CVSS3: 9.1
nvd
больше 5 лет назад
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.
CVSS3: 9.1
debian
больше 5 лет назад
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and ...