Количество 3
Количество 3
CVE-2025-36530
Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin signature enforcement and marketplace restrictions.
CVE-2025-36530
Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5 ...
GHSA-gq3r-5833-5532
Mattermost Fails to Validate File Paths
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-36530 Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin signature enforcement and marketplace restrictions. | CVSS3: 6.8 | 0% Низкий | 6 месяцев назад |
| CVE-2025-36530 Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5 ... | CVSS3: 6.8 | 0% Низкий | 6 месяцев назад |
| GHSA-gq3r-5833-5532 Mattermost Fails to Validate File Paths | CVSS3: 6.8 | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу