mattermost-11.2

Direct Vulnerabilities

Known vulnerabilities in the mattermost-11.2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-7f33-f4f5-xwgw

<11.2.4-r1
  • L
GHSA-f5pg-7wfw-84q9

<11.2.4-r1
  • L
Use of a Broken or Risky Cryptographic Algorithm

<11.2.4-r1
  • M
Use of a Broken or Risky Cryptographic Algorithm

<11.2.4-r1
  • L
GHSA-x4jj-h2v8-hqqv

<11.2.4-r1
  • L
GHSA-cfp9-33rc-j74f

<11.2.4-r1
  • L
Directory Traversal

<11.2.4-r1
  • L
GHSA-m4pr-4j3g-9v7v

<11.2.4-r1
  • M
Allocation of Resources Without Limits or Throttling

<11.2.4-r1
  • M
Cross-site Scripting (XSS)

<11.2.4-r1
  • L
GHSA-j4j7-vw47-rhfq

<11.2.4-r1
  • L
GHSA-j3gx-2473-5fp8

<11.2.4-r1
  • L
GHSA-xj38-jxc5-rppx

<11.2.4-r1
  • H
Improper Certificate Validation

<11.2.4-r1
  • L
GHSA-4279-q6mj-392r

<11.2.4-r1
  • L
GHSA-rv83-g57w-fr8j

<11.2.4-r1
  • M
Link Following

<11.2.4-r1
  • L
GHSA-5w89-2c2x-6x66

<11.2.4-r1
  • L
Direct Request ('Forced Browsing')

<11.2.4-r1
  • H
Allocation of Resources Without Limits or Throttling

<11.2.4-r1
  • L
GHSA-cqrx-3m42-5p5w

<11.2.4-r1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<11.2.4-r1
  • L
GHSA-h524-452v-82p9

<11.2.4-r1
  • C
CVE-2026-27143

<11.2.4-r1
  • L
CVE-2026-42507

<11.2.4-r1
  • L
GHSA-h3gm-q7m7-mp28

<11.2.4-r1
  • L
CVE-2026-27145

<11.2.4-r1
  • L
GHSA-jrg3-gfjw-hm96

<11.2.4-r1
  • H
Incorrect Authorization

<11.2.4-r1
  • L
Cross-site Scripting (XSS)

<11.2.4-r1
  • L
GHSA-gjvh-7jh8-7xhm

<11.2.4-r1
  • L
GHSA-7mr4-xjxg-34g6

<11.2.4-r1
  • L
CVE-2026-42504

<11.2.4-r1
  • L
CVE-2026-32280

<11.2.4-r1
  • L
GHSA-qc64-m6c2-v4x7

<11.2.4-r0
  • L
GHSA-2283-wf8c-rw8r

<11.2.4-r0
  • L
CVE-2026-42501

<11.2.4-r0
  • L
GHSA-5m4p-2gjx-p2g8

<11.2.4-r0
  • L
GHSA-h74g-238j-357m

<11.2.4-r0
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<11.2.4-r0
  • L
GHSA-8g2r-hhvj-mv99

<11.2.4-r0
  • L
Cross-site Scripting (XSS)

<11.2.4-r0
  • L
GHSA-qf3q-3h68-mmh2

<11.2.4-r0
  • L
CVE-2026-39825

<11.2.4-r0
  • L
CVE-2026-42499

<11.2.4-r0
  • L
GHSA-p9h5-jm8x-mjm5

<11.2.4-r0
  • M
Link Following

<11.2.4-r0
  • L
Improper Encoding or Escaping of Output

<11.2.4-r0
  • M
Out-of-bounds Write

<11.2.4-r0
  • L
GHSA-xq5j-9r39-c3vf

<11.2.4-r0
  • H
NULL Pointer Dereference

<11.2.4-r0
  • H
Double Free

<11.2.4-r0
  • L
GHSA-3v2c-x6q9-f697

<11.2.4-r0
  • L
GHSA-497x-jcxf-m478

<11.2.4-r0
  • H
Allocation of Resources Without Limits or Throttling

<11.2.4-r0
  • L
Allocation of Resources Without Limits or Throttling

<11.2.2-r1
  • L
GHSA-gr56-3gp6-6gmj

<11.2.2-r1
  • L
GHSA-xvqr-69v8-f3gv

<11.2.2-r1
  • L
CVE-2025-61730

<11.2.2-r1
  • L
Allocation of Resources Without Limits or Throttling

<11.2.2-r1
  • L
Out-of-bounds Write

<11.2.2-r1
  • L
GHSA-cm6p-qc7v-m3jw

<11.2.2-r1
  • L
CVE-2025-61731

<11.2.2-r1
  • L
GHSA-g9q4-qjx4-2v7q

<11.2.2-r1
  • L
GHSA-gm9r-q53w-2gh4

<11.2.2-r1