Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 232
GHSA-c37r-v8jx-7cv2
Mattermost Uncontrolled Resource Consumption vulnerability
GHSA-jcgv-3pfq-j4hr
Mattermost Injection vulnerability
GHSA-j4c3-3h73-74m9
Mattermost Uncontrolled Resource Consumption vulnerability
GHSA-jj46-9cgh-qmfx
Mattermost Improper Access Control vulnerability
CVE-2023-6202
Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.
CVE-2023-6202
Mattermost fails to perform proper authorization in the /plugins/focal ...
CVE-2023-48369
Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log.
CVE-2023-48369
Mattermost fails to limit the log size of server logs allowing an atta ...
CVE-2023-48268
Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb).
CVE-2023-48268
Mattermost fails tolimit the amount of data extracted from compressed ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-c37r-v8jx-7cv2 Mattermost Uncontrolled Resource Consumption vulnerability | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-jcgv-3pfq-j4hr Mattermost Injection vulnerability | CVSS3: 3.1 | 0% Низкий | больше 1 года назад |
| GHSA-j4c3-3h73-74m9 Mattermost Uncontrolled Resource Consumption vulnerability | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-jj46-9cgh-qmfx Mattermost Improper Access Control vulnerability | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
 | CVE-2023-6202 Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-6202 Mattermost fails to perform proper authorization in the /plugins/focal ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-48369 Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-48369 Mattermost fails to limit the log size of server logs allowing an atta ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-48268 Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb). | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-48268 Mattermost fails tolimit the amount of data extracted from compressed ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу