Vulnerabilities (CVE)

Filtered by vendor Mattermost Subscribe

Filtered by product Mattermost Desktop

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-5876	1 Mattermost	1 Mattermost Desktop	2023-11-09	N/A	5.3 MEDIUM
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service.
CVE-2023-5875	1 Mattermost	1 Mattermost Desktop	2023-11-09	N/A	5.3 MEDIUM
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server
CVE-2018-21265	1 Mattermost	1 Mattermost Desktop	2020-06-30	5.0 MEDIUM	5.3 MEDIUM
An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).
CVE-2020-14455	1 Mattermost	1 Mattermost Desktop	2020-06-25	4.3 MEDIUM	6.5 MEDIUM
An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authentication is mishandled, allowing phishing, aka MMSA-2020-0007.
CVE-2020-14454	1 Mattermost	1 Mattermost Desktop	2020-06-25	5.8 MEDIUM	6.1 MEDIUM
An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.