4 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper enforcement of access controls in the channel members API endpoint. An attacker can gain unauthorised access to metadata about members of public channels as a guest user by exploiting this securit...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in command.go that allows a user to execute commands on archived channels. Remediation Upgrade github.com/mattermost/mattermost/server/channels/api4 to version 9.11.9-rc1, 10.3.4, 10.4.3 or higher. References -...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.8 security and bug fix update
Red Hat OpenShift Container Platform release 4.7.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...
NewStart CGSL MAIN 6.02 : spamassassin Multiple Vulnerabilities (NS-SA-2021-0070)
The remote NewStart CGSL host, running version MAIN 6.02, has spamassassin packages installed that are affected by multiple vulnerabilities: - In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the...