/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-72g3-2cvf-rwvj

Published

Last updated

https://images.chainguard.dev/security/CGA-72g3-2cvf-rwvj
Package

mattermost-9

RepositoryWolfi
Latest Update
Under investigation
Aliases
  • CVE-2024-10241
  • GHSA-6mvp-gh77-7vwh

Severity

Unknown

Summary

Mattermost Server allows user to get private channel names

Description

Mattermost versions 9.5.x <= 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2024-10241
  • https://github.com/advisories/GHSA-6mvp-gh77-7vwh
  • https://github.com/mattermost/mattermost
  • https://mattermost.com/security-updates

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation