Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 232
CVE-2023-5159
Mattermost fails to properly verify the permissions when managing/upda ...
GHSA-p267-jjfq-pphf
Mattermost fails to check if user is a guest before performing actions on public playbooks
GHSA-9rww-66w7-7vjx
Mattermost fails to sanitize post metadata
GHSA-g3v6-r8p9-wxg9
Mattermost fails to correctly delete attachments
GHSA-6xjj-v76v-fwpj
Mattermost does not validate requesting user permissions before updating admin details
CVE-2023-4108
Mattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged
CVE-2023-4108
Mattermost fails to sanitize post metadata during audit logging result ...
CVE-2023-4107
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.
CVE-2023-4107
Mattermost fails to properly validate the requesting user permissions ...
CVE-2023-4106
Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting a guest being able to view, join, edit, export and archive public playbooks.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2023-5159 Mattermost fails to properly verify the permissions when managing/upda ... | CVSS3: 3.8 | 0% Низкий | больше 1 года назад |
| GHSA-p267-jjfq-pphf Mattermost fails to check if user is a guest before performing actions on public playbooks | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
| GHSA-9rww-66w7-7vjx Mattermost fails to sanitize post metadata | CVSS3: 4.5 | 0% Низкий | почти 2 года назад |
| GHSA-g3v6-r8p9-wxg9 Mattermost fails to correctly delete attachments | CVSS3: 3.1 | 0% Низкий | почти 2 года назад |
| GHSA-6xjj-v76v-fwpj Mattermost does not validate requesting user permissions before updating admin details | CVSS3: 6.7 | 0% Низкий | почти 2 года назад |
 | CVE-2023-4108 Mattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged | CVSS3: 4.5 | 0% Низкий | почти 2 года назад |
| CVE-2023-4108 Mattermost fails to sanitize post metadata during audit logging result ... | CVSS3: 4.5 | 0% Низкий | почти 2 года назад |
| CVE-2023-4107 Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name. | CVSS3: 6.7 | 0% Низкий | почти 2 года назад |
| CVE-2023-4107 Mattermost fails to properly validate the requesting user permissions ... | CVSS3: 6.7 | 0% Низкий | почти 2 года назад |
| CVE-2023-4106 Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting a guest being able to view, join, edit, export and archive public playbooks. | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу