Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 263
CVE-2022-1002
Mattermost 6.3.0 and earlier fails to properly sanitize the HTML conte ...
GHSA-ffmx-32wf-j77f
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the c ...
CVE-2022-0708
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
GHSA-898c-6fq9-5cv9
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
GHSA-jqq9-5hrp-9jg8
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service.
CVE-2021-37865
Mattermost 6.2 and earlier fails to sufficiently process a specificall ...
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2022-1002 Mattermost 6.3.0 and earlier fails to properly sanitize the HTML conte ... | CVSS3: 2 | 0% Низкий | почти 4 года назад |
| GHSA-ffmx-32wf-j77f Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | 0% Низкий | почти 4 года назад | |
 | CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the c ... | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
 | CVE-2022-0708 Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| GHSA-898c-6fq9-5cv9 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
| GHSA-jqq9-5hrp-9jg8 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | 1% Низкий | около 4 лет назад | |
| CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service. | CVSS3: 4.3 | 1% Низкий | около 4 лет назад |
| CVE-2021-37865 Mattermost 6.2 and earlier fails to sufficiently process a specificall ... | CVSS3: 4.3 | 1% Низкий | около 4 лет назад |
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs. | CVSS3: 2.6 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу