Mattermost Desktop Security Vulnerabilities and Issues — Mattermost Desktop CVE List

Lucene search

MattermostMattermost Desktop

17 matches found

CVE•added 2024/09/16 7:15 a.m.•57 views

CVE-2024-39613

Mattermost Desktop App versions

7.8CVSS6.3AI score0.00081EPSS

CVE•added 2023/11/02 9:15 a.m.•55 views

CVE-2023-5920

Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input.

3.3CVSS3.9AI score0.00078EPSS

CVE•added 2024/06/14 9:15 a.m.•55 views

CVE-2024-37182

Mattermost Desktop App versions

6.1CVSS5.4AI score0.00808EPSS

CVE•added 2023/11/02 9:15 a.m.•51 views

CVE-2023-5876

Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service.

5.3CVSS4.6AI score0.00118EPSS

CVE•added 2024/06/14 9:15 a.m.•45 views

CVE-2024-36287

Mattermost Desktop App versions

3.8CVSS3.8AI score0.00019EPSS

CVE•added 2023/05/02 9:15 a.m.•43 views

CVE-2023-2000

Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website

5.4CVSS5.5AI score0.00129EPSS

CVE•added 2020/06/19 3:15 p.m.•41 views

CVE-2019-20856

An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.

9.8CVSS9.6AI score0.00446EPSS

CVE•added 2023/11/02 9:15 a.m.•40 views

CVE-2023-5875

Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server

5.3CVSS4.7AI score0.00166EPSS

CVE•added 2020/06/19 2:15 p.m.•37 views

CVE-2020-14454

An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.

6.1CVSS6.2AI score0.00197EPSS

CVE•added 2020/06/19 5:15 p.m.•33 views

CVE-2018-21265

An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).

5.3CVSS5.3AI score0.00195EPSS

CVE•added 2020/06/19 3:15 p.m.•31 views

CVE-2019-20861

An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbitrary code via a crafted link.

8.8CVSS8.8AI score0.00727EPSS

CVE•added 2020/06/19 8:15 p.m.•30 views

CVE-2016-11064

An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.

9.8CVSS9.6AI score0.00647EPSS

CVE•added 2020/06/19 2:15 p.m.•27 views

CVE-2020-14455

An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authentication is mishandled, allowing phishing, aka MMSA-2020-0007.

6.5CVSS6.5AI score0.00255EPSS

CVE•added 2020/06/19 2:15 p.m.•27 views

CVE-2020-14456

An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.

7.5CVSS7.2AI score0.00148EPSS

CVE•added 2023/10/17 10:15 a.m.•26 views

CVE-2023-5339

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged.

5.5CVSS5.1AI score0.00073EPSS

CVE•added 2024/09/16 3:15 p.m.•23 views

CVE-2024-45835

Mattermost Desktop App versions

6.5CVSS4AI score0.00097EPSS

CVE•added 2024/09/16 3:15 p.m.•22 views

CVE-2024-39772

Mattermost Desktop App versions

5.3CVSS4.6AI score0.00106EPSS