Filter
Software
go/github.com/mattermost/mattermost/server/v8Denial of service in mattermost mobile apps and server via emoji reactions
4.3
First published (updated )
MattermostDenial of Service for mobile app users due to automatic code highlighting
6.5
EPSS
0.04%
First published (updated )
Mattermost Mobile AppsMattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexit…
6.5
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Excessive resource consumption when sending long emoji names in user custom status
6.5
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostTeam associated AD/LDAP Groups Leaked due to missing authorization
6.5
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost-server/v6Resource Exhaustion via the Invitation Feature
6.5
EPSS
0.04%
First published (updated )
MattermostPublic endpoint /metrics of Calls plugin reveals channel IDs
5.3
EPSS
0.05%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Invite ID available to team admins even without the "Add Members" permission
4.7
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Users maintain access to active call after being removed from a channel
3.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to li…
4.3
First published (updated )
go/github.com/mattermost/mattermost/server/v8Infoleak, Race Condition
2.6
First published (updated )
go/github.com/mattermost/mattermost/server/v8Infoleak
4.3
First published (updated )
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0 fail to sanitize the metadata …
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
4.3
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.…
6.5
First published (updated )
go/github.com/mattermost/mattermost/server/v8DoS via a large number of User Preferences
6.5
EPSS
0.04%
First published (updated )
MattermostServer-side Denial of Service while processing a specifically crafted GIF file
5.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mattermost BoardsSession is not invalidated on server-side when user logged out of Boards
7.5
First published (updated )
Mattermost BoardsEmails of all users are exposed via one of the Boards APIs
4.3
First published (updated )
MattermostUsers can view the contents of an archived channel when access is explicitly denied by the system admin
6.5
First published (updated )
MattermostTeam Creator's Email Address is disclosed to Team Members via one of the APIs
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostStack overflow in document extractor in Mattermost
6.5
First published (updated )
MattermostSysadmin can override existing configs & bypass restrictions like EnableUploads
4.9
First published (updated )
Mattermost PlaybooksA specifically drafted Playbook could trigger large amount of webhook requests leading to Denial of Service
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.