/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-wf4x-qmcx-v3g2

Published

Last updated

https://images.chainguard.dev/security/CGA-wf4x-qmcx-v3g2
Package

mattermost-fips-10.7

Repository

Chainguard

Latest Update
Fixed
Fixed Version

10.7.1-r1

Aliases
  • CVE-2024-23488
  • GHSA-xgxj-j98c-59rv

Severity

Unknown

Summary

Mattermost fails to properly restrict the access of files attached to posts

Description

Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being able to access files of archived channels even if the “Allow users to view archived channels” option is disabled.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2024-23488
  • https://github.com/advisories/GHSA-xgxj-j98c-59rv
  • https://github.com/mattermost/mattermost
  • https://mattermost.com/security-updates

Updates

Safe Source for Open Source™
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation