mattermost
575 tracked vulnerabilities.
CVE-2024-22091
LOW
Mattermost <8.1.11, <9.5.2, <9.6.0 - DoS
Apr 26, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-3872
LOW
Mattermost Mobile < 2.13.0 - Unauthenticated Denial of Service via Malicious Deeplink
Apr 16, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-2447
MEDIUM
Mattermost <8.1.11-9.5.2 - Privilege Escalation
Apr 05, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-29221
MEDIUM
Mattermost Server <9.5.2-8.1.11 - Info Disclosure
Apr 05, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-28949
MEDIUM
Mattermost Server 8.1.0-8.1.10, 9.3.0-9.3.2, 9.4.0-9.4.3, 9.5.0-9.5.1 - Denial of Service via Unlimited User Preferences
Apr 05, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-21848
LOW
Mattermost Server <8.1.11 - Privilege Escalation
Apr 05, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-2450
HIGH
Mattermost <8.1.10, <9.2.6, <9.3.2, <9.4.3 - Privilege Escalation
Mar 15, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-2446
MEDIUM
Mattermost <8.1.10, <9.2.6, <9.3.2, <9.4.3 - DoS
Mar 15, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-2445
MEDIUM
Mattermost Server 8.1.0-8.1.9, 9.2.0-9.2.5, 9.3.0-9.3.1, 9.4.0-9.4.2 - Reflected Cross-Site Scripting in Jira Plugin
Mar 15, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-28053
LOW
Mattermost Server 8.1.0-8.1.9 - Denial of Service via Large Email Payload
Mar 15, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-24975
LOW
Mattermost Mobile < 2.13.0 - Denial of Service via Large Code Block Syntax Highlighting
Mar 15, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-1953
MEDIUM
Mattermost <8.1.9, <9.2.5, 9.3.0, <9.4.2 - DoS
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1952
LOW
Mattermost <8.1.9 - Info Disclosure
Feb 29, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-1949
LOW
Mattermost <8.1.9-9.4.2 - Privilege Escalation
Feb 29, 2024
CVSS 2.6
EPSS 0.00
CVE-2024-1942
MEDIUM
Mattermost <8.1.9, <9.2.5, 9.3.0 - Info Disclosure
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1888
MEDIUM
Mattermost <8.1.9 and 9.4.0-9.4.2 - Improper Access Control in Guest Invitation
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-24988
MEDIUM
Mattermost < 8.1.8 and 9.3.0-9.3.1 - Denial of Service via Custom User Status Emoji Length
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-23493
MEDIUM
Mattermost < 8.1.9 and 9.4.0-9.4.1 - Missing Authorization for AD/LDAP Group Details
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-23488
LOW
Mattermost < 8.1.9 and 9.0.0-9.4.2 - Improper Access Control in Archived Channel File Attachments
Feb 29, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-1887
MEDIUM
Mattermost < 8.1.9 and 9.3.0-9.3.1 - Improper Access Control in Public Channel Post Fetching
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1402
MEDIUM
Mattermost < 8.1.7 and < 8.1.8 - Denial of Service via Custom Emoji Reaction Overload
Feb 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-24776
LOW
Mattermost < 8.1.7 and 8.1.8 - Unauthenticated Channel Member Count Leak via API
Feb 09, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-24774
LOW
Mattermost Jira Plugin - Info Disclosure
Feb 09, 2024
CVSS 3.4
EPSS 0.00
CVE-2024-23319
LOW
Mattermost Jira Plugin < 1.1.2-0.20230830170046-f4cf4c6de017 - Cross-Site Request Forgery via Crafted Message
Feb 09, 2024
CVSS 3.5
EPSS 0.00
CVE-2023-50333
LOW
Mattermost < 8.1.7 - Improper Access Control via Session Permission Update
Jan 02, 2024
CVSS 3.7
EPSS 0.00
Products
mattermost_server 412
mattermost 233
mattermost-server 186
Mattermost 74
mattermost_desktop 23
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-msteams 4
mattermost-plugin-playbooks 4
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-calls 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
channel_export 1
mattermost-plugin-channel-export 1
mattermost-plugin-github 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1
Quick Filters