Filter
AND
Versions
9.5.0
19
4.2.0
18
4.3.0-rc1
18
4.3.0-rc2
18
4.3.0-rc3
18
4.3.0-rc4
18
8.1.0
15
9.2.0
15
5.7.0
14
5.8.0
11
7.10.0
11
7.8.0
11
7.9.0
11
8.0.0
11
9.0.0
11
4.1.0
10
5.9.0-rc1
10
5.9.0-rc2
10
5.9.0-rc3
10
5.9.0-rc4
10
3.7.0
9
4.2.0-rc1
9
4.2.0-rc2
9
4.2.0-rc3
9
4.2.0-rc4
9
9.3.0
9
9.4.0
9
3.8.0
8
8.1.5
8
9.9.0
8
9.2.1
7
3.10.0
6
5.16.0
6
9.10.0
6
9.11.0
6
5.15.0
5
5.17.0
5
5.6.0
5
6.4.0
5
7.8.14
5
9.0.3
5
9.1.1
5
9.1.2
5
9.8.0
5
4.6.0
4
5.0.0
4
5.18.0-rc1
4
5.18.0-rc2
4
5.18.0-rc3
4
5.18.0-rc4
4
6.2.0
4
6.3.0
4
7.7.1
4
8.1.7
4
9.1.0
4
3.6.0
3
4.0.0
3
4.4.0
3
5.12.0
3
5.5.0
3
6.6.0
3
9.7.0
3
10.0.0
2
10.0.0-rc1
2
10.0.0-rc2
2
10.0.0-rc3
2
10.0.0-rc4
2
4.10.0
2
4.5.0-rc1
2
4.5.0-rc2
2
4.5.0-rc3
2
4.5.0-rc4
2
4.7.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
4.8.0
2
5.1.0
2
5.2.0-rc1
2
5.2.0-rc2
2
5.2.0-rc3
2
5.2.0-rc4
2
5.2.0-rc5
2
5.2.0-rc6
2
5.37.0
2
5.7.0-rc1
2
5.7.0-rc2
2
5.7.0-rc3
2
5.7.0-rc4
2
5.7.0-rc5
2
5.7.0-rc6
2
5.8.0-rc1
2
5.8.0-rc2
2
5.8.0-rc3
2
5.8.0-rc4
2
5.9.0
2
6.0
2
6.0.0
2
6.7.0
2
9.11.0-rc1
2
9.11.0-rc2
2
9.11.0-rc3
2
4.3.0
1
4.9.0
1
5.1.0-rc1
1
5.1.0-rc2
1
5.1.0-rc3
1
5.1.0-rc4
1
5.10.0
1
5.10.0-rc1
1
5.10.0-rc2
1
5.10.0-rc3
1
5.10.0-rc4
1
5.10.0-rc5
1
5.10.0-rc6
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.13.0
1
5.14.0
1
5.14.0-rc1
1
5.14.0-rc2
1
5.14.0-rc3
1
5.14.0-rc4
1
5.14.0-rc5
1
5.18.0
1
5.19.0-rc1
1
5.19.0-rc2
1
5.19.0-rc3
1
5.2.0
1
5.32.0
1
6.5.0
1
6.6.1
1
7.2.0
1
9.1.4
1
9.10.2
1
9.11.1
1
9.2.3
1
9.3.0-rc1
1
9.3.0-rc2
1
9.5.9
1
go/github.com/mattermost/mattermost/server/v8Denial of service in mattermost mobile apps and server via emoji reactions
4.3
First published (updated )
go/github.com/mattermost/mattermost/server/v8Excessive resource consumption when sending long emoji names in user custom status
6.5
EPSS
0.04%
First published (updated )
MattermostTeam associated AD/LDAP Groups Leaked due to missing authorization
6.5
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost-server/v6Resource Exhaustion via the Invitation Feature
6.5
EPSS
0.04%
First published (updated )
MattermostPublic endpoint /metrics of Calls plugin reveals channel IDs
5.3
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Invite ID available to team admins even without the "Add Members" permission
4.7
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Users maintain access to active call after being removed from a channel
3.1
First published (updated )
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to li…
4.3
First published (updated )
go/github.com/mattermost/mattermost/server/v8Infoleak, Race Condition
2.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Infoleak
4.3
First published (updated )
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0 fail to sanitize the metadata …
4.3
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
4.3
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8DoS via a large number of User Preferences
6.5
EPSS
0.04%
First published (updated )
MattermostStack overflow in document extractor in Mattermost
6.5
First published (updated )
MattermostRestricted custom admin role can bypass the restrictions and view the server logs and server config.json file contents
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostInvitation Email is resent as a Reminder after invalidating pending email invites
5.8
First published (updated )
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
MattermostA crafted SVG attachment can crash a Mattermost server
6.5
First published (updated )
MattermostIncorrect defaults can cause attackers to bypass rate limitations
5.6
First published (updated )
MattermostTeam members could access sensitive information of other users via an API call
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostServer-side Denial of Service while processing a specifically crafted JPEG file
6.5
First published (updated )
MattermostServer-side Denial of Service while processing a specifically crafted GIF file
6.5
First published (updated )
MattermostDisclosure of team owner email address when regenerating Invite ID
2.7
First published (updated )
MattermostDisclosure of team owner email address when when accessing the teams API
2.7
First published (updated )
MattermostReflected XSS in OAuth flow completion endpoints
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.