5 matches found
CVE-2024-47003
Mattermost versions 9.11.x = 9.11.0 and 9.5.x = 9.5.8 fail to validate that the message of the permalink post is a string, which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend...
CVE-2024-47003 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
openSUSE Security Advisory (SUSE-SU-2024:3911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mattermost Server 9.5.x < 9.5.9 / 9.11.x < 9.11.1 (MMSA-2024-00373)
The version of Mattermost Server installed on the remote host is prior to 9.5.9 or 9.11.1. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00373 advisory. - Mattermost versions 9.11.x = 9.11.0 and 9.5.x = 9.5.8 fail to validate that the message of the permalink post i...
CVE-2024-47003 DoS via non-string message using permalink embed
Mattermost versions 9.11.x = 9.11.0 and 9.5.x = 9.5.8 fail to validate that the message of the permalink post is a string, which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend...