21 matches found
EUVD-2024-2535
Malicious code in bioql PyPI...
EUVD-2025-4307
Malicious code in bioql PyPI...
CVE-2024-43105
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
GO-2025-3481 Mattermost fails to restrict channel export of archived channels in github.com/mattermost/mattermost-server
Mattermost fails to restrict channel export of archived channels in github.com/mattermost/mattermost-server...
CVE-2025-24526
Mattermost versions 10.1.x = 10.1.3, 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access ...
GHSA-Q8P2-2HWC-JW64 Mattermost fails to restrict channel export of archived channels
Mattermost versions 10.1.x = 10.1.3, 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access ...
Mattermost fails to restrict channel export of archived channels
Mattermost versions 10.1.x = 10.1.3, 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access ...
CVE-2025-24526
Mattermost versions 10.1.x = 10.1.3, 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access ...
CVE-2025-24526 Channel export permitted on archived channel when viewing archived channels is disabled
Mattermost versions 10.1.x = 10.1.3, 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to restrict channel export of archived channels when the "Allow users to view archived channels" is disabled which allows a user to export channel contents when they shouldn't have access ...
CVE-2025-24526
Mattermost CVE-2025-24526 affects multiple 9.x/10.x release branches where exporting archived channel content is not properly restricted when the 'Allow users to view archived channels' setting is disabled. The root cause is insufficient access control for archived-channel exports, enabling an au...
Denial Of Service (DOS)
github.com/mattermost/mattermost-plugin-channel-export is vulnerable to Denial Of Service DOS. The vulnerability is caused due to a failure to restrict concurrent runs of the /export command. The can allow an attacker to consume excessive resource by running the /export command multiple times at...
Mattermost Plugin Channel Export excessive resource consumption
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
GHSA-869F-PX86-VJ84 Mattermost Plugin Channel Export excessive resource consumption
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
CVE-2024-43105
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
CVE-2024-43105
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
CVE-2024-43105
Mattermost Plugin Channel Export (github.com/mattermost/mattermost-plugin-channel-export) is affected: versions ≤ 1.0.0 do not correctly restrict concurrent /export executions, enabling a user to initiate multiple simultaneous runs and cause resource exhaustion. Root cause: lack of concurrency co...
CVE-2024-43105 Excessive Resource Consumption via `/export`
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
CVE-2024-43105 Excessive Resource Consumption via `/export`
Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
PT-2024-30297 · Mattermost · Mattermost Plugin Channel Export
Name of the Vulnerable Software and Affected Versions: Mattermost Plugin Channel Export versions = 1.0.0 Description: The issue allows a user to consume excessive resources by running the /export command multiple times at once, due to the failure to restrict concurrent runs of the command. This c...
Mattermost plugin Channel Export 安全漏洞
Mattermost Plugin Channel Export is a plugin from Mattermost USA. A security vulnerability exists in Mattermost plugin Channel Export version 1.0.0 and prior versions, which stems from an inability to limit concurrent runs of the /export command. An attacker can use this vulnerability to consume...