Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-9548
An issue exists in Mattermost Server prior to 1.2.0. It allows malicious users to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18919
An issue exists in Mattermost Server prior to 3.7.0 and 3.6.3. Attackers can use the API for unauthenticated team creation.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18905
An issue exists in Mattermost Server prior to 4.0.0, 3.10.2, and 3.9.2, when used as an OAuth 2.0 service provider, Session invalidation was mishandled.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18914
An issue exists in Mattermost Server prior to 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18916
An issue exists in Mattermost Server prior to 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integration permission restriction.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18917
An issue exists in Mattermost Server prior to 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18902
An issue exists in Mattermost Server prior to 4.1.0, 4.0.4, and 3.10.3. It allows malicious users to discover team invite IDs via team API endpoints.
Mattermost Mattermost Server
445
VMScore
CVE-2017-18887
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
445
VMScore
CVE-2017-18895
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
445
VMScore
CVE-2017-18896
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »