Skip to main content
CVE-2024-32939 LOW PATCH Monitor

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Mattermost
NVD
CVSS 3.1
3.7
EPSS
0.2%
CVE-2024-40884 LOW PATCH Monitor

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mattermost Mattermost Server
NVD
CVSS 3.1
2.7
EPSS
0.4%
CVE-2024-43785 LOW Monitor

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
2.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy