github.com/mattermost/mattermost/server/channels/app vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the github.com/mattermost/mattermost/server/channels/app package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
C Incorrect Implementation of Authentication Algorithm	>=10.5.0 <10.5.13>=10.11.0 <10.11.5>=10.12.0 <10.12.2>=11.0.0-alpha.1 <11.0.3
C Incorrect Implementation of Authentication Algorithm	>=10.5.0 <10.5.13>=10.11.0 <10.11.5>=10.12.0 <10.12.2>=11.0.0-alpha.1 <11.0.4
M Missing Authentication for Critical Function	>=10.5.0 <10.5.12>=10.11.0 <10.11.4-rc2>=10.12.0 <10.12.1
L Incorrect Authorization	<11.0.0-alpha.1
M Incorrect Authorization	<11.0.0-alpha.1
L Authorization Bypass Through User-Controlled Key	>=9.11.0 <9.11.18>=10.5.0 <10.5.9
M Use of Weak Hash	>=9.11.0 <9.11.18>=10.5.0 <10.5.9>=10.8.0 <10.8.4>=10.9.0 <10.9.4>=10.10.0 <10.10.2-rc1
M Incorrect Authorization	>=9.11.0 <9.11.18>=10.5.0 <10.5.9
M Directory Traversal	>=9.11.0 <9.11.17-rc1>=10.5.0 <10.5.8-rc1>=10.7.0 <10.7.4-rc1>=10.8.0 <10.8.2
L Insufficiently Protected Credentials	>=9.11.0 <9.11.17>=10.5.0 <10.5.8-rc1
H Missing Authentication for Critical Function	>=9.11.0 <9.11.17-rc1>=10.5.0 <10.5.7>=10.7.0 <10.7.4-rc1>=10.8.0 <10.8.2
H Incorrect Implementation of Authentication Algorithm	>=9.0.0-rc1 <9.11.13>=10.0.0-rc1 <10.5.4>=10.6.0-rc1 <10.6.3>=10.7.0-rc1 <10.7.1
M Incorrect Implementation of Authentication Algorithm	>=9.0.0-rc1 <9.11.13>=10.0.0-rc1 <10.5.4>=10.6.0-rc1 <10.6.3>=10.7.0-rc1 <10.7.1
M Incorrect Authorization	>=9.11.0 <9.11.12>=10.5.0 <10.5.3
M Overly Restrictive Account Lockout Mechanism	>=9.11.0 <9.11.12>=10.4.0 <10.4.5>=10.5.0 <10.5.3>=10.6.0 <10.6.2
M Incorrect Implementation of Authentication Algorithm	<9.11.10-rc1>=10.4.0-rc1 <10.4.4>=10.5.0-rc1 <10.5.2>=10.6.0-rc1 <10.6.0-rc2
L Exposure of Sensitive Information Through Metadata	>=9.11.0 <9.11.10-rc1>=10.5.0 <10.5.2
M Incorrect Authorization	<9.11.10>=10.4.0 <10.4.4>=10.5.0 <10.5.2
M Incorrect Authorization	<9.11.10>=10.4.0 <10.4.4>=10.5.0 <10.5.2
M Incorrect Authorization	>=9.11.0-rc1 <9.11.10>=10.0.0-rc1 <10.4.4>=10.5.0-rc1 <10.5.2
M Incorrect Authorization	<0.1.10
H Missing Authentication for Critical Function	<9.11.9>=10.3.0-rc1 <10.3.4>=10.4.0-rc1 <10.4.3>=10.5.0-rc1 <10.5.1
M Incorrect Authorization	>=9.11.0-rc1 <9.11.9-rc1>=10.0.0-rc1 <10.5.0-rc3
L Session Fixation	<10.5.0
M Improper Validation of Specified Type of Input	>=9.11.0 <9.11.6>=10.0.0 <10.0.4>=10.1.0-rc1 <10.1.4>=10.2.0 <10.2.1
M Race Condition	>=9.5.0 <9.5.13-rc1>=9.11.0 <9.11.5-rc1>=10.0.0 <10.0.3-rc1>=10.1.0 <10.1.3-rc1
M Incorrect Authorization	<9.9.3
L Improper Access Control	>=9.5.0 <9.5.9
M Improper Check for Unusual or Exceptional Conditions	>=9.5.0-rc1 <9.5.9-rc1>=9.11.0-rc1 <9.11.1-rc1

Vulnerability

Vulnerable Version

Incorrect Implementation of Authentication Algorithm