Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 232
CVE-2023-5967
Mattermost fails to properly validate requests to the Calls plugin, al ...
GHSA-2w9p-mj8f-374x
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel.
CVE-2023-5522
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel.
GHSA-4f96-v6r6-c7jh
Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled
CVE-2023-5160
Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled
CVE-2023-5160
Mattermost fails to check the Show Full Name option at the /api/v4/tea ...
GHSA-9hwp-cj7m-wjw4
Mattermost Incorrect Authorization vulnerability
GHSA-h69v-mvh9-hfrq
Mattermost Incorrect Authorization vulnerability
GHSA-rp65-jpc7-8h8p
Mattermost Incorrect Authorization vulnerability
GHSA-33r7-wjfc-7w98
Mattermost Uncontrolled Resource Consumption vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2023-5967 Mattermost fails to properly validate requests to the Calls plugin, al ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-2w9p-mj8f-374x Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
 | CVE-2023-5522 Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-4f96-v6r6-c7jh Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5160 Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5160 Mattermost fails to check the Show Full Name option at the /api/v4/tea ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-9hwp-cj7m-wjw4 Mattermost Incorrect Authorization vulnerability | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| GHSA-h69v-mvh9-hfrq Mattermost Incorrect Authorization vulnerability | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-rp65-jpc7-8h8p Mattermost Incorrect Authorization vulnerability | CVSS3: 2.7 | 0% Низкий | больше 1 года назад |
| GHSA-33r7-wjfc-7w98 Mattermost Uncontrolled Resource Consumption vulnerability | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу