GO-2022-0540
and 17 other vulnerabilities
GO-2022-0540 : Mattermost users could access some sensitive information via API call in github.com/mattermost/mattermost-server
GO-2022-0576 : Insecure plugin handling in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0595 : Resource exhaustion in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0599 : Improper Control of a Resource Through its Lifetime in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0604 : Cross-site Scripting in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0616 : Improper Privilege Management in Mattermost in github.com/mattermost/mattermost-server
GO-2023-1939 : Mattermost Server Sensitive Data Exposure in github.com/mattermost/mattermost
GO-2024-2444 : Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
GO-2024-2446 : Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
GO-2024-2448 : Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server
GO-2024-2450 : Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
GO-2024-2707 : Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
GO-2024-3164 : Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events in github.com/mattermost/mattermost-server
GO-2024-3227 : Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server
GO-2024-3232 : Mattermost Server allows user to get private channel names in github.com/mattermost/mattermost-server
GO-2024-3233 : Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery in github.com/mattermost/mattermost-server
GO-2024-3234 : Mattermost Server vulnerable to application crash from attacker-generated large response in github.com/mattermost/mattermost-server
GO-2024-3235 : Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server
The highest tagged major version is
v6 .
Discover Packages
github.com/mattermost/mattermost-server
app
plugin
zoom
package
Version:
v5.1.0-rc3+incompatible
Opens a new window with list of versions in this module.
Published: Jul 11, 2018
License: AGPL-3.0, Apache-2.0
Opens a new window with license information.
Imports: 9
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Rendered for
linux/amd64
windows/amd64
darwin/amd64
js/wasm
Asset loads and returns the asset for the given name.
It returns an error if the asset could not be found or
could not be loaded.
AssetDir returns the file names below a certain
directory embedded in the file by go-bindata.
For example if you run go-bindata on data/... and data contains the
following hierarchy:
data/
foo.txt
img/
a.png
b.png
then AssetDir("data") would return []string{"foo.txt", "img"}
AssetDir("data/img") would return []string{"a.png", "b.png"}
AssetDir("foo.txt") and AssetDir("notexist") would return an error
AssetDir("") will return []string{"data"}.
AssetInfo loads and returns the asset info for the given name.
It returns an error if the asset could not be found or
could not be loaded.
AssetNames returns the names of the assets.
MustAsset is like Asset but panics when Asset would return an error.
It simplifies safe initialization of global variables.
RestoreAsset restores an asset under the given directory
RestoreAssets restores an asset under the given directory recursively
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
The highest tagged major version is
Documentation
¶
Source Files