CGA-9x4x-q39p-c9vh

Published

Last updated

https://images.chainguard.dev/security/CGA-9x4x-q39p-c9vh

Package

mattermost-10.0

Latest Update

Not affected

Aliases

CVE-2024-1949
GHSA-3g35-v53r-gpxc

Severity

2.6

Low

CVSS V3

Summary

Mattermost race condition

Description

A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-1949
https://github.com/advisories/GHSA-3g35-v53r-gpxc
https://github.com/mattermost/mattermost
https://mattermost.com/security-updates
https://pkg.go.dev/vuln/GO-2024-2588

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-9x4x-q39p-c9vh

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources