mattermost-fips-10.7 vulnerabilities

Known vulnerabilities in the mattermost-fips-10.7 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Allocation of Resources Without Limits or Throttling	<10.7.2-r1
L GHSA-q7rw-w4cq-2j6w	<10.7.2-r1
L GHSA-fmhh-rw3h-785m	<10.7.2-r1
L Allocation of Resources Without Limits or Throttling	<10.7.2-r1
L GHSA-9w9f-6mg8-jp7w	<10.7.1-r2
M Authentication Bypass	<10.7.1-r2
L GHSA-9h6j-4ffx-cm84	<10.7.1-r1
L GHSA-63cv-4pc2-4fcf	<10.7.1-r1
L GHSA-h5v9-xw2g-7hrq	<10.7.1-r1
L CVE-2025-31363	<10.7.1-r1
L GHSA-85jj-c9jr-9jhx	<10.7.1-r1
M CVE-2023-48732	<10.7.1-r1
L GHSA-7rgp-4j56-fm79	<10.7.1-r1
L GHSA-hwjf-4667-gqwx	<10.7.1-r1
L GHSA-mj2p-v2c2-vh4v	<10.7.1-r1
M CVE-2024-47003	<10.7.1-r1
L GHSA-fx48-xv6q-6gp3	<10.7.1-r1
L CVE-2025-32093	<10.7.1-r1
L GHSA-jj46-9cgh-qmfx	<10.7.1-r1
L CVE-2025-27538	<10.7.1-r1
L GHSA-jcgv-3pfq-j4hr	<10.7.1-r1
L GHSA-59hf-mpf8-pqjh	<10.7.1-r1
L CVE-2025-27936	<10.7.1-r1
M CVE-2024-24776	<10.7.1-r1
L GHSA-q7rx-w656-fwmv	<10.7.1-r1
L GHSA-wwhj-pw6h-f8hw	<10.7.1-r1
L GHSA-q8p2-2hwc-jw64	<10.7.1-r1
L CVE-2024-47401	<10.7.1-r1
L CVE-2024-10241	<10.7.1-r1
L GHSA-6mvp-gh77-7vwh	<10.7.1-r1
M CVE-2023-47865	<10.7.1-r1
L GHSA-3g36-gf7c-75qw	<10.7.1-r1
L GHSA-rhvr-6w8c-6v7w	<10.7.1-r1
M Resource Exhaustion	<10.7.1-r1
C Directory Traversal	<10.7.1-r1
L GHSA-h3gq-j7p9-x3p4	<10.7.1-r1
L GHSA-762g-9p7f-mrww	<10.7.1-r1
M CVE-2023-45223	<10.7.1-r1
M Allocation of Resources Without Limits or Throttling	<10.7.1-r1
L GHSA-j4c3-3h73-74m9	<10.7.1-r1
L CVE-2025-41395	<10.7.1-r1
M Cross-site Scripting (XSS)	<10.7.1-r1
L GHSA-r833-w756-h5p2	<10.7.1-r1
L GHSA-vm9m-57jr-4pxh	<10.7.1-r1
L GHSA-4ghx-8jw8-p76q	<10.7.1-r1
L CVE-2025-2424	<10.7.1-r1
L GHSA-322v-vh2g-qvpv	<10.7.1-r1
L GHSA-w88v-pjr8-cmv2	<10.7.1-r1
M CVE-2024-1942	<10.7.1-r1
L CVE-2025-22449	<10.7.1-r1
L GHSA-2j87-p623-8cc2	<10.7.1-r1
L CVE-2025-20621	<10.7.1-r1
L GHSA-jjr7-372r-cx7x	<10.7.1-r1
L GHSA-j639-m367-75cf	<10.7.1-r1
L GHSA-689c-xq7x-xjwf	<10.7.1-r1
L GHSA-v469-7wp6-7cvp	<10.7.1-r1
L GHSA-8j3q-gc9x-7972	<10.7.1-r1
L GHSA-g376-m3h3-mj4r	<10.7.1-r1
L GHSA-2549-xh72-qrpm	<10.7.1-r1
L CVE-2025-1412	<10.7.1-r1
M CVE-2023-50333	<10.7.1-r1
L GHSA-3487-3j7c-7gwj	<10.7.1-r1
L GHSA-hm57-h27x-599c	<10.7.1-r1
L GHSA-j5jw-m2ph-3jjf	<10.7.1-r1
L CVE-2025-24526	<10.7.1-r1
M CVE-2024-23488	<10.7.1-r1
L CVE-2025-24839	<10.7.1-r1
L CVE-2025-41423	<10.7.1-r1
M CVE-2024-1887	<10.7.1-r1
L CVE-2025-35965	<10.7.1-r1
L GHSA-45v9-w9fh-33j6	<10.7.1-r1
L GHSA-c37r-v8jx-7cv2	<10.7.1-r1
L Race Condition	<10.7.1-r1
L CVE-2025-22445	<10.7.1-r1
L GHSA-9w97-9rqx-8v4j	<10.7.1-r1
L GHSA-xgxj-j98c-59rv	<10.7.1-r1
M Cross-site Request Forgery (CSRF)	<10.7.1-r1
M CVE-2024-1888	<10.7.1-r1
L GHSA-7664-hcp7-f497	<10.7.1-r1
M Open Redirect	<10.7.1-r1
H Resource Exhaustion	<10.7.1-r1
L Improper Check for Dropped Privileges	<10.7.1-r1
L CVE-2025-20033	<10.7.1-r1
M CVE-2023-6202	<10.7.1-r1
L GHSA-xp9j-8p68-9q93	<10.7.1-r1
L GHSA-3g35-v53r-gpxc	<10.7.1-r1
M Incorrect Authorization	<10.7.1-r1
L GHSA-5m7j-6gc4-ff5g	<10.7.1-r1
H Resource Exhaustion	<10.7.1-r1
L CVE-2025-2475	<10.7.1-r1
L GHSA-5fwx-p6xh-vjrh	<10.7.1-r1
L CVE-2025-24866	<10.7.1-r1
L GHSA-p5pr-vm3j-jxxf	<10.7.1-r1
M CVE-2023-47858	<10.7.1-r1
L CVE-2025-2564	<10.7.1-r1
L GHSA-pfw6-5rx3-xh3c	<10.7.1-r1
L CVE-2025-20086	<10.7.1-r1
L CVE-2025-27571	<10.7.1-r1
L CVE-2025-20051	<10.7.1-r1
L Asymmetric Resource Consumption (Amplification)	<10.7.1-r1
L GHSA-fr22-5377-f3p7	<10.7.1-r1
M Arbitrary Code Injection	<10.7.1-r1
M CVE-2023-6459	<10.7.1-r1
L GHSA-mh63-6h87-95cp	<10.7.1-r1
L CVE-2024-50052	<10.7.1-r1
L GHSA-h4rr-f37j-4hh7	<10.7.1-r1
L GHSA-32h7-7j94-8fc2	<10.7.1-r1
L GHSA-762v-rq7q-ff97	<10.7.1-r1
M CVE-2023-43754	<10.7.1-r1
L GHSA-q8fg-cp3q-5jwm	<10.7.1-r1
L GHSA-w6xh-c82w-h997	<10.7.1-r1
L CVE-2025-20088	<10.7.1-r1
L CVE-2025-21088	<10.7.1-r1
L CVE-2025-25279	<10.7.1-r1
L GHSA-6rqh-8465-2xcw	<10.7.1-r1
L CVE-2024-10214	<10.7.1-r1
M Resource Exhaustion	<10.7.1-r1
L GHSA-xfq9-hh5x-xfq9	<10.7.1-r1

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling

<10.7.2-r1

GHSA-q7rw-w4cq-2j6w

<10.7.2-r1

GHSA-fmhh-rw3h-785m

<10.7.2-r1

Allocation of Resources Without Limits or Throttling

<10.7.2-r1

GHSA-9w9f-6mg8-jp7w

<10.7.1-r2