Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 249
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
GHSA-898c-6fq9-5cv9
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
GHSA-jqq9-5hrp-9jg8
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specificall ...
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions ...
GHSA-hvvh-wh5g-3ppr
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails.
CVE-2021-37861
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails.
CVE-2021-37861
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's pas ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| GHSA-898c-6fq9-5cv9 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-jqq9-5hrp-9jg8 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | 1% Низкий | почти 4 года назад | |
 | CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | CVSS3: 4.3 | 1% Низкий | почти 4 года назад |
| CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specificall ... | CVSS3: 4.3 | 1% Низкий | почти 4 года назад |
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 2.6 | 0% Низкий | почти 4 года назад |
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions ... | CVSS3: 2.6 | 0% Низкий | почти 4 года назад |
| GHSA-hvvh-wh5g-3ppr Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails. | 0% Низкий | около 4 лет назад | |
| CVE-2021-37861 Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails. | CVSS3: 5.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-37861 Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's pas ... | CVSS3: 5.8 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу