Mattermost Server@5.6.0 Security Vulnerabilities and Issues — Mattermost Server@5.6.0 CVE List

Lucene search

MattermostMattermost Server5.6.0

5 matches found

CVE•added 2020/06/19 5:15 p.m.•37 views

CVE-2019-20887

An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not honor flags API permissions when deciding whether a user can receive intra-team posts.

4.3CVSS4.6AI score0.00112EPSS

CVE•added 2020/06/19 5:15 p.m.•33 views

CVE-2019-20879

An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-mail addresses do not require credential re-entry.

4.3CVSS4.6AI score0.00152EPSS

CVE•added 2020/06/19 5:15 p.m.•33 views

CVE-2019-20880

An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attackers to cause a denial of service (memory consumption) via OpenGraph.

7.5CVSS7.3AI score0.00389EPSS

CVE•added 2020/06/19 5:15 p.m.•33 views

CVE-2019-20889

An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation.

5.3CVSS5.3AI score0.00148EPSS

CVE•added 2020/06/19 5:15 p.m.•28 views

CVE-2019-20888

An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration.

7.5CVSS7.5AI score0.00389EPSS