Lucene search
K

7 matches found

Chainguard
Chainguard
added 2025/05/01 7:14 a.m.25 views

CVE-2025-27936 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

5.9CVSS7.2AI score0.00295EPSS
Exploits0
Circl
Circl
added 2025/04/16 10:43 a.m.18 views

CVE-2025-27936

creationtimestamp| type| source ---|---|--- 2025-04-16 10:43:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfuquzlg2v 2025-04-16 13:31:37+00:00| seen| https://t.me/cvedetector/23082...

5.9CVSS5.1AI score0.00295EPSS
Exploits0References2
NVD
NVD
added 2025/04/16 10:15 a.m.38 views

CVE-2025-27936

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.9CVSS0.00295EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 9:14 a.m.4 views

CVE-2025-27936 Webhook Secret Exposure via Timing attack in MSteams plugin

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.3CVSS5.9AI score0.00295EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/16 9:14 a.m.10 views

CVE-2025-27936 Webhook Secret Exposure via Timing attack in MSteams plugin

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.3CVSS7AI score0.00295EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 9:14 a.m.226 views

CVE-2025-27936

CVE-2025-27936 (Mattermost/MS Teams plugin timing attack) : The connected advisory GO-2025-3618 reports a vulnerability in the Mattermost ecosystem where the MSTeams plugin (github.com/mattermost/mattermost-plugin-msteams) and related Mattermost Server versions are susceptible to an observable ti...

5.9CVSS5.2AI score0.00295EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/04/16 9:14 a.m.34 views

CVE-2025-27936 Webhook Secret Exposure via Timing attack in MSteams plugin

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.3CVSS0.00295EPSS
Exploits0References1
Rows per page
Query Builder