github.com/mattermost/mattermost/server/v8 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2024-41926Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows remote actor to set arbitrary RemoteId values for synced usersCVE-2024-41144Highgithub.com/mattermost/mattermost/server/v8: Mattermost allows remote actor to create/update/delete posts in arbitrary channelsCVE-2024-39837Lowgithub.com/mattermost/mattermost/server/v8: Mattermost did not properly restrict channel creationCVE-2024-39839Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows a user on a remote to set their remote username prop to an arbitrary stringCVE-2024-39832Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows a remote actor to permanently delete local data by abusing dangerous error…CVE-2024-39777Criticalgithub.com/mattermost/mattermost/server/v8: Mattermost allows unsolicited invites to expose access to local channelsCVE-2024-41162Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows a remote actor to make an arbitrary local channel read-onlyCVE-2024-39274Criticalgithub.com/mattermost/mattermost/server/v8: Mattermost failed to properly validate that the channel that comes from the sync message is a…CVE-2024-29977Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost failed to properly validate synced reactionsCVE-2024-36492Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost failed to disallow the modification of local users when syncing users in shared channelsCVE-2024-2447Highgithub.com/mattermost/mattermost/server/v8: Mattermost fails to authenticate the source of certain types of post actionsCVE-2024-28949Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Server doesn't limit the number of user preferencesCVE-2024-29221Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost Server Improper Access Control CVE-2024-21848Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Server Improper Access ControlCVE-2024-28053Lowgithub.com/mattermost/mattermost/server/v8: Mattermost Server Resource ExhaustionCVE-2024-1949Lowgithub.com/mattermost/mattermost/server/v8: Mattermost race conditionCVE-2024-1953Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost fails to limit the number of role namesCVE-2024-1952Lowgithub.com/mattermost/mattermost/server/v8: Mattermost incorrectly allows access individual postsCVE-2024-1942Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost allows attackers access to posts in channels they are not a member ofCVE-2024-24988Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost denial of service through long emoji valueCVE-2024-23493Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost leaks details of AD/LDAP groups of a teamsCVE-2024-1888Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost fails to check the "invite_guest" permission CVE-2024-1887Highgithub.com/mattermost/mattermost/server/v8: Mattermost post fetching without auditing in compliance export CVE-2024-23488Lowgithub.com/mattermost/mattermost/server/v8: Mattermost fails to properly restrict the access of files attached to postsCVE-2024-1402Mediumgithub.com/mattermost/mattermost/server/v8: Mattermost vulnerable to denial of service via large number of emoji reactions

Stop the waste.
Protect your environment with Kodem.