EUVD-2023-34261

Malicious code in bioql PyPI...

CVE-2023-2808

Mattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link...

Mattermost Server 5.34.x < 7.1.9 / 7.2.x < 7.8.4 / 7.9.x < 7.9.3 / 7.10.0 (MMSA-2023-00159)

The version of Mattermost Server installed on the remote host is prior to 7.1.9, 7.8.4, or 7.9.3 / 7.10.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2023-00159 advisory. - Mattermost fails to normalize UTF confusable characters when determining if a preview should be...

CVE-2023-2808

Mattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link...

Code injection

Mattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link...

PT-2023-21539 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue arises from Mattermost's failure to normalize UTF confusable characters when determining whether to generate a preview for a hyperlink. This allows an attacker to trigger a lin...