CGA-5qx9-mhj7-2x2m

Published

Last updated

https://images.chainguard.dev/security/CGA-5qx9-mhj7-2x2m

Package

mattermost-10.5

RepositoryWolfi

Latest Update

Not affected

Aliases

CVE-2024-1949
GHSA-3g35-v53r-gpxc

Severity

Unknown

Summary

Mattermost race condition

Description

A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-1949
https://github.com/advisories/GHSA-3g35-v53r-gpxc
https://github.com/mattermost/mattermost
https://mattermost.com/security-updates
https://pkg.go.dev/vuln/GO-2024-2588

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-5qx9-mhj7-2x2m

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources