14 matches found
EUVD-2025-7204
Malicious code in bioql PyPI...
Improper Authorization
Mattermost is vulnerable to an Improper Authorization. The vulnerability is due to insufficient enforcement of channel conversion restrictions due to a flaw that allows users with permission to convert public channels to private ones to also convert private channels to public...
SUSE CVE-2025-27933
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
BIT-MATTERMOST-2025-27933
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
Mattermost Server 9.11.x < 9.11.9 / 10.3.x < 10.3.4 / 10.4.x < 10.4.3 (MMSA-2025-00418)
The version of Mattermost Server installed on the remote host is prior to 9.11.9, 10.3.4, or 10.4.3. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00418 advisory. - Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel...
GO-2025-3556 Mattermost allows members with permission to convert public channels to private and convert private to public in github.com/mattermost/mattermost-server
Mattermost allows members with permission to convert public channels to private and convert private to public in github.com/mattermost/mattermost-server...
CVE-2025-27933
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
Mattermost allows members with permission to convert public channels to private and convert private to public
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
GHSA-H5V9-XW2G-7HRQ Mattermost allows members with permission to convert public channels to private and convert private to public
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
CVE-2025-27933
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
CVE-2025-27933
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
CVE-2025-27933 Unauthorized Private-to-Public Channel Conversion
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...
CVE-2025-27933
Mattermost CVE-2025-27933 affects Mattermost Server 9.11.x <= 9.11.8, 10.3.x <= 10.3.3, and 10.4.x
CVE-2025-27933 Unauthorized Private-to-Public Channel Conversion
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...