CVE-2023-45223

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-45223

Severity

4.3

Medium

CVSS V3

Description

Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.

References

https://images.chainguard.dev/security/CGA-w36j-4mg9-cw96
https://github.com/advisories/GHSA-p5pr-vm3j-jxxf
https://images.chainguard.dev/security/CGA-whrj-vjqm-xvwr
https://images.chainguard.dev/security/CGA-rm6h-vjp2-82j3
https://images.chainguard.dev/security/CGA-v8f9-7c43-255q
https://images.chainguard.dev/security/CGA-j9q7-hhm7-xf6f
https://images.chainguard.dev/security/CGA-vg35-rm9f-4h9j
https://images.chainguard.dev/security/CGA-qph9-jhh7-458r
https://images.chainguard.dev/security/CGA-3vqp-vcm5-4746
https://images.chainguard.dev/security/CGA-mq32-2g8p-fmp3
https://images.chainguard.dev/security/CGA-f9hj-4j67-r56w
https://images.chainguard.dev/security/CGA-8xh7-rw97-f99f
https://images.chainguard.dev/security/CGA-px44-7585-r97w
https://mattermost.com/security-updates

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal