Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39767 | 1 Mattermost | 1 Mattermost Mobile | 2024-07-16 | N/A | 6.5 MEDIUM |
| Mattermost Mobile Apps versions <=2.16.0 fail to validate that the push notifications received for a server actually came from this serve that which allows a malicious server to send push notifications with another server’s diagnostic ID or server URL and have them show up in mobile apps as that server’s push notifications. | |||||
| CVE-2024-32945 | 1 Mattermost | 1 Mattermost Mobile | 2024-07-16 | N/A | 5.3 MEDIUM |
| Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions. | |||||
| CVE-2019-20849 | 1 Mattermost | 1 Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mattermost Mobile Apps before 1.26.0. Cookie data can persist on a device after a logout. | |||||
| CVE-2019-20850 | 1 Mattermost | 1 Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mattermost Mobile Apps before 1.26.0. A view cache can persist on a device after a logout. | |||||
| CVE-2020-14451 | 2 Apple, Mattermost | 2 Iphone Os, Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain after a logout, aka MMSA-2020-0013. | |||||
| CVE-2020-14449 | 1 Mattermost | 1 Mattermost Mobile | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Mobile Apps before 1.30.0. Authorization tokens can sometimes be disclosed to third-party servers, aka MMSA-2020-0018. | |||||
| CVE-2019-20848 | 1 Mattermost | 1 Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Mobile Apps before 1.26.0. The Quick Reply feature mishandles crafted replies. | |||||
| CVE-2019-20852 | 1 Mattermost | 1 Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Mobile Apps before 1.26.0. Local logging is not blocked for sensitive information (e.g., server addresses or message content). | |||||