Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 232
GHSA-ffmx-32wf-j77f
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the c ...
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
GHSA-898c-6fq9-5cv9
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
GHSA-jqq9-5hrp-9jg8
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specificall ...
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-ffmx-32wf-j77f Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | 0% Низкий | больше 3 лет назад | |
 | CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the c ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-898c-6fq9-5cv9 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-jqq9-5hrp-9jg8 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | 0% Низкий | больше 3 лет назад | |
| CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specificall ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 2.6 | 0% Низкий | больше 3 лет назад |
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions ... | CVSS3: 2.6 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу