Google Git
Sign in
go / vulndb / bfd27ade11c20157c4432b663fdfc2a9681b4b86 / . / data / reports / GO-2024-3097.yaml
blob: 03eec4bcfb82fd599021918406deca240b6a6a8b [file] [log] [blame]
id: GO-2024-3097
modules:
- module: github.com/mattermost/mattermost-server
versions:
- introduced: 9.5.0+incompatible
- fixed: 9.5.8+incompatible
- introduced: 9.8.0+incompatible
- fixed: 9.8.3+incompatible
- introduced: 9.9.0+incompatible
- fixed: 9.9.2+incompatible
- introduced: 9.10.0+incompatible
- fixed: 9.10.1+incompatible
vulnerable_at: 9.10.1-rc3+incompatible
- module: github.com/mattermost/mattermost-server/v5
vulnerable_at: 5.39.3
- module: github.com/mattermost/mattermost-server/v6
vulnerable_at: 6.7.2
- module: github.com/mattermost/mattermost/server/v8
vulnerable_at: 8.0.0-20240830140759-a2a54af3380e
summary: Mattermost Cross-Site Request Forgery vulnerability in github.com/mattermost/mattermost-server
cves:
- CVE-2024-40886
ghsas:
- GHSA-hrf9-rm95-fpf3
references:
- advisory: https://github.com/advisories/GHSA-hrf9-rm95-fpf3
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-40886
- web: https://mattermost.com/security-updates
source:
id: GHSA-hrf9-rm95-fpf3
created: 2024-08-30T11:50:28.768165-04:00
review_status: UNREVIEWED