Vulnerabilities (CVE)

Filtered by vendor Mattermost Subscribe

Filtered by product Mattermost Desktop

Total 24 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-11064	1 Mattermost	1 Mattermost Desktop	2024-11-21	7.5 HIGH	9.8 CRITICAL
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVE-2024-45835	1 Mattermost	1 Mattermost Desktop	2024-11-01	N/A	2.5 LOW
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.
CVE-2024-39772	1 Mattermost	1 Mattermost Desktop	2024-11-01	N/A	3.7 LOW
Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.
CVE-2024-39613	1 Mattermost	1 Mattermost Desktop	2024-09-20	N/A	5.3 MEDIUM
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine.