14 matches found
EUVD-2024-0634
Malicious code in bioql PyPI...
CVE-2024-1887
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
GHSA-FX48-XV6Q-6GP3 Mattermost post fetching without auditing in compliance export
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
Mattermost post fetching without auditing in compliance export
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
CVE-2024-1887
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
CVE-2024-1887
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
Design/Logic Flaw
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
CVE-2024-1887 Public channel post content accessible without membership when compliance export is enabled
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
CVE-2024-1887
Mattermost CVE-2024-1887 affects the Mattermost server where compliance export checks are not performed for public-channel posts, allowing a user who is not a channel member to fetch posts without audit in the compliance export. The related OSV advisory GO-2024-2591 ties this to Mattermost server...
CVE-2024-1887 Public channel post content accessible without membership when compliance export is enabled
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...
PT-2024-18394 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to 8.1.9 Description: Mattermost fails to check if compliance export is enabled when fetching posts of public channels, allowing a user that is not a member of the public channel to fetch the posts, which will not be...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from the inability to check if compliance export is enabled when fetching posts from a public channel, allowing users who are not members of...
Compliance Export JSON
Binary data complianceexportjsonresults.nbin...
Compliance Export Gold Image Audit
Binary data complianceexportgoldimage.nbin...