3 matches found
EUVD-2024-34662
Malicious code in bioql PyPI...
CVE-2024-34152
Mattermost versions 9.5.x = 9.5.3, 9.6.x = 9.6.1 and 8.1.x = 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run that linked to the channel they are guest via sending an RHSRuns GraphQL query request to the server...
GHSA-P267-JJFQ-PPHF Mattermost fails to check if user is a guest before performing actions on public playbooks
Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting a guest being able to view, join, edit, export and archive public playbooks...