Mattermost Server
Approved changes feed: RSS · Atom
cpe:2.3:a:mattermost:mattermost_server:9.3.0:*:*:*:*:*:*:*
part: a version: 9.3.0 update: *
| Vendor | Mattermost (ed0788ef-af60-58f1-b6aa-68289d9946dc) |
|---|---|
| Product | Mattermost Server (657bc445-594e-5ca1-a676-4f18538f1c02) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-1953 |
vulnerable | 2026-06-03 14:54:35.073846 |
Details available
MEDIUM (4.3)
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request.
Published: 2024-02-29T10:42:41.576Z
Updated: 2024-08-16T20:58:25.047Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1942 |
vulnerable | 2026-06-03 14:54:35.054642 |
Details available
MEDIUM (4.3)
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0 fail to sanitize the metadata on posts containing permalinks under specific conditions, which allows an authenticated attacker to access the contents of individual posts in channels they are not a member of.
Published: 2024-02-29T10:41:38.292Z
Updated: 2024-08-12T13:16:32.143Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.