Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 232
GHSA-8345-jr9c-vhph
Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files
CVE-2023-2831
Mattermost fails to unescape Markdown strings in a memory-efficient way, allowing an attacker to cause a Denial of Service by sending a message containing a large number of escaped characters.
CVE-2023-2831
Mattermost fails to unescape Markdown strings in a memory-efficient wa ...
CVE-2023-2797
Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel.
CVE-2023-2797
Mattermost fails to sanitize code permalinks, allowing an attacker to ...
CVE-2023-2793
Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-service by a linking to a specially crafted webpage in a message.
CVE-2023-2793
Mattermost fails to validate links on external websites when construct ...
CVE-2023-2792
Mattermost fails to sanitize ephemeral error messages, allowing an attacker to obtain arbitrary message contents by a specially crafted /groupmsg command.
CVE-2023-2792
Mattermost fails to sanitize ephemeral error messages, allowing an att ...
CVE-2023-2785
Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files which can result in Denial of Service
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-8345-jr9c-vhph Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
 | CVE-2023-2831 Mattermost fails to unescape Markdown strings in a memory-efficient way, allowing an attacker to cause a Denial of Service by sending a message containing a large number of escaped characters. | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
| CVE-2023-2831 Mattermost fails to unescape Markdown strings in a memory-efficient wa ... | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
| CVE-2023-2797 Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel. | CVSS3: 3.1 | 0% Низкий | около 2 лет назад |
| CVE-2023-2797 Mattermost fails to sanitize code permalinks, allowing an attacker to ... | CVSS3: 3.1 | 0% Низкий | около 2 лет назад |
| CVE-2023-2793 Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-service by a linking to a specially crafted webpage in a message. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-2793 Mattermost fails to validate links on external websites when construct ... | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-2792 Mattermost fails to sanitize ephemeral error messages, allowing an attacker to obtain arbitrary message contents by a specially crafted /groupmsg command. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-2792 Mattermost fails to sanitize ephemeral error messages, allowing an att ... | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-2785 Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files which can result in Denial of Service | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу