github.com/mattermost/mattermost-server vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

| CVE-ID | Severity | Package summary |
|---|---|---|
| CVE-2024-39837 | Low | github.com/mattermost/mattermost/server/v8: Mattermost did not properly restrict channel creation |
| CVE-2024-4195 | Low | github.com/mattermost/mattermost-server: Mattermost allows team admins to promote guests to team admins |
| CVE-2024-4183 | Medium | github.com/mattermost/mattermost-server: Mattermost fails to limit the number of active sessions |
| CVE-2024-4182 | Medium | github.com/mattermost/mattermost-server: Mattermost crashes web clients via a malformed custom status |
| CVE-2024-4198 | Low | github.com/mattermost/mattermost-server: Mattermost fails to fully validate role changes |
| CVE-2024-32046 | Medium | github.com/mattermost/mattermost-server: Mattermost's detailed error messages reveal the full file path |
| CVE-2024-22091 | Low | github.com/mattermost/mattermost-server: Mattermost fails to limit the size of a request path |
| CVE-2024-28053 | Low | github.com/mattermost/mattermost/server/v8: Mattermost Server Resource Exhaustion |
| CVE-2023-5968 | Medium | github.com/mattermost/mattermost/server/v8: Mattermost password hash disclosure vulnerability |
| CVE-2023-1776 | Medium | github.com/mattermost/mattermost-server/v6: Mattermost vulnerable to cross-site scripting (XSS) |
| CVE-2023-1775 | Medium | github.com/mattermost/mattermost-server: Mattermost vulnerable to information disclosure |
| CVE-2023-1774 | Medium | github.com/mattermost/mattermost-server: Mattermost fails to properly authentication inviter's permissions to private channel |
| CVE-2023-1777 | Medium | github.com/mattermost/mattermost-server/v6: Mattermost vulnerable to information disclosure |
| CVE-2022-4045 | Medium | github.com/mattermost/mattermost-server: Denial of service in Mattermost |
| CVE-2022-4044 | Medium | github.com/mattermost/mattermost-server: Denial of service in Mattermost |
| CVE-2022-1982 | Medium | github.com/mattermost/mattermost-server: Uncontrolled Resource Consumption in Mattermost server |
| CVE-2018-21258 | High | github.com/mattermost/mattermost-server: Mattermost Server is vulnerable to a Denial of Service attack through `invite_people` command |
| CVE-2017-18917 | High | github.com/mattermost/mattermost-server: Mattermost Server uses weak hashing for OAuth, email verification tokens and invitations |
| CVE-2017-18915 | Critical | github.com/mattermost/mattermost-server: Mattermost Server server restarts may provide attackers with API access |
| CVE-2017-18918 | Medium | github.com/mattermost/mattermost-server: Mattermost Server does not restrict SAML certificate path for System Administrators |
| CVE-2017-18916 | Medium | github.com/mattermost/mattermost-server: Mattermost Server has Improper Authorization for Integration Requests |
| CVE-2017-18911 | Critical | github.com/mattermost/mattermost-server: Mattermost Server has X.509 Improper Certificate Validation |
| CVE-2017-18912 | High | github.com/mattermost/mattermost-server: Mattermost Server allows an attacker to specify a full pathname of a log file |
| CVE-2017-18909 | High | github.com/mattermost/mattermost-server: Mattermost Server SAML implementation does not require encryption or signature verification as… |
| CVE-2017-18902 | Medium | github.com/mattermost/mattermost-server: Mattermost Server exposes team invite IDs through API endpoints |
