Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mattermost_server
(Mattermost)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 215 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-19 | CVE-2019-20858 | An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service (CPU consumption) via crafted characters in a SQL LIKE clause to an APIv4 endpoint. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20857 | An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of service (markdown renderer hang) via many backtick characters. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20854 | An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a denial of service (client-side application crash) via a LaTeX message. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2018-21258 | An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invite_people slash command. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2018-21249 | An issue was discovered in Mattermost Server before 5.3.0. It mishandles timing. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2017-18920 | An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2017-18918 | An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2017-18917 | An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11084 | An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11076 | An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL. | Mattermost_server | N/A |