mattermost-desktop@3.6.0 vulnerabilities

Mattermost

Direct Vulnerabilities

Known vulnerabilities in the mattermost-desktop package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • L
Information Exposure

mattermost-desktop is a Mattermost

Affected versions of this package are vulnerable to Information Exposure when the keyboard input functionality is used. An attacker can read the keyboard input by exploiting the lack of secure keyboard input functionality provided by macOS.

How to fix Information Exposure?

A fix was pushed into the master branch but not yet published.

*
  • L
Protection Mechanism Failure

mattermost-desktop is a Mattermost

Affected versions of this package are vulnerable to Protection Mechanism Failure due to the incorrect handling of permissions or user consent prompts for certain sensitive ones. An attacker can exploit media from a malicious server by manipulating the permission handling process. This is only exploitable if the server is maliciously configured.

How to fix Protection Mechanism Failure?

A fix was pushed into the master branch but not yet published.

*
  • L
Denial of Service (DoS)

mattermost-desktop is a Mattermost

Affected versions of this package are vulnerable to Denial of Service (DoS) due to failing to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service.

How to fix Denial of Service (DoS)?

A fix was pushed into the master branch but not yet published.

*
  • M
Open Redirect

mattermost-desktop is a Mattermost

Affected versions of this package are vulnerable to Open Redirect due to missing validation in the src/main/windows/callsWidgetWindow.ts file.

How to fix Open Redirect?

There is no fixed version for mattermost-desktop.

*