mattermost
575 tracked vulnerabilities.
CVE-2024-42406
MEDIUM
Mattermost <9.11.0-9.5.8 - Info Disclosure
Sep 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-45835
LOW
Mattermost Desktop App <=5.8.0 - Info Disclosure
Sep 16, 2024
CVSS 2.5
EPSS 0.00
CVE-2024-39772
LOW
Mattermost Desktop App <=5.8.0 - Unauthenticated Screen Capture via JavaScript APIs
Sep 16, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-45833
MEDIUM
Mattermost Mobile Apps <=2.18.0 - Info Disclosure
Sep 16, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-39613
MEDIUM
Mattermost Desktop App <=5.8.0 - Uncontrolled Search Path Element via cmd.exe
Sep 16, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-43105
MEDIUM
Mattermost Plugin Channel Export <=1.0.0 - DoS
Aug 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-43780
MEDIUM
Mattermost 9.5.0-9.5.7 9.8.0-9.8.2 9.9.0-9.9.1 9.10.0 - Unauthenticated File Upload via Guest User Channel Access
Aug 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-42497
MEDIUM
Mattermost <9.9.1-9.10.0 - Privilege Escalation
Aug 22, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-40884
LOW
Mattermost <9.5.8, <9.10.1 - Privilege Escalation
Aug 22, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-8071
MEDIUM
Mattermost <9.9.1-9.10.0 - Privilege Escalation
Aug 22, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-43813
MEDIUM
Mattermost 9.5.0-9.5.7 and 9.10.0 - Authenticated Improper Access Control
Aug 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-42411
MEDIUM
Mattermost <9.9.1, 9.5.7, 9.10.0, 9.8.2 - Info Disclosure
Aug 22, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-40886
MEDIUM
Mattermost <9.9.1, <9.5.7, <9.10.0, <9.8.2 - Path Traversal
Aug 22, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-39836
MEDIUM
Mattermost <9.9.1, 9.5.7, 9.10.0, 9.8.2 - Info Disclosure
Aug 22, 2024
CVSS 4.8
EPSS 0.01
CVE-2024-39810
MEDIUM
Mattermost 9.5.0-9.5.7 and 9.10.0 - Denial of Service via ElasticSearch CA Path File
Aug 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-32939
MEDIUM
Mattermost 9.5.0-9.5.7 9.8.0-9.8.2 9.9.0-9.9.1 9.10.0 - Improper Access Control in Shared Channels
Aug 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-41926
LOW
Mattermost 9.5.0-9.5.6 and 9.9.0 - Improper Access Control via RemoteId Spoofing
Aug 01, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-41162
MEDIUM
Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Unauthenticated Channel Modification via Shared Channels
Aug 01, 2024
CVSS 4.1
EPSS 0.00
CVE-2024-41144
MEDIUM
Mattermost Server < 9.5.7 - Improper Access Control
Aug 01, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-39839
MEDIUM
Mattermost 9.5.0-9.5.6, 9.7.0-9.7.5, 9.8.0-9.8.1, 9.9.0 - Improper Access Control in Shared Channels
Aug 01, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39837
LOW
Mattermost 9.5.0-9.5.6 and 9.9.0 - Unauthenticated Arbitrary Channel Creation via Shared Channels
Aug 01, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-39832
MEDIUM
Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Unauthenticated Local Data Deletion via Error Handling Abuse
Aug 01, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-39777
HIGH
Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Improper Access Control via Shared Channel Invite
Aug 01, 2024
CVSS 8.7
EPSS 0.00
CVE-2024-39274
HIGH
Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Improper Access Control in Shared Channel Validation
Aug 01, 2024
CVSS 8.7
EPSS 0.00
CVE-2024-36492
HIGH
Mattermost <9.9.0-9.8.1 - Privilege Escalation
Aug 01, 2024
CVSS 7.4
EPSS 0.00
Products
mattermost_server 412
mattermost 233
mattermost-server 186
Mattermost 74
mattermost_desktop 23
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-msteams 4
mattermost-plugin-playbooks 4
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-calls 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
channel_export 1
mattermost-plugin-channel-export 1
mattermost-plugin-github 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1
Quick Filters