Mattermost

Mattermost

317 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.59%
  • Veröffentlicht 16.01.2025 19:15:30
  • Zuletzt bearbeitet 24.09.2025 16:42:32

Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel.

  • EPSS 0.44%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 01.10.2025 17:54:41

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via cre...

  • EPSS 0.51%
  • Veröffentlicht 16.01.2025 18:15:28
  • Zuletzt bearbeitet 24.09.2025 16:46:59

Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted malicious input.

  • EPSS 0.35%
  • Veröffentlicht 16.01.2025 00:15:25
  • Zuletzt bearbeitet 24.09.2025 16:47:36

Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the specially crafted attachment

  • EPSS 0.41%
  • Veröffentlicht 15.01.2025 17:15:19
  • Zuletzt bearbeitet 30.09.2025 15:51:23

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.

  • EPSS 0.54%
  • Veröffentlicht 15.01.2025 17:15:19
  • Zuletzt bearbeitet 01.10.2025 18:20:36

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.

  • EPSS 0.5%
  • Veröffentlicht 15.01.2025 17:15:19
  • Zuletzt bearbeitet 25.09.2025 19:14:15

Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.

  • EPSS 0.5%
  • Veröffentlicht 15.01.2025 17:15:18
  • Zuletzt bearbeitet 25.09.2025 19:14:06

Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.

  • EPSS 0.54%
  • Veröffentlicht 15.01.2025 16:15:32
  • Zuletzt bearbeitet 30.09.2025 15:52:59

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the frontend via crafte...

  • EPSS 0.59%
  • Veröffentlicht 09.01.2025 07:15:28
  • Zuletzt bearbeitet 02.10.2025 17:26:14

Mattermost versions 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post types, which allows attackers to deny service to users with the sysconsole_read_plugins permission via creating a post with the custom_pl_...