Bitnami package

mattermost

pkg:bitnami/mattermost

Vulnerabilities (104)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-14452	—	< 5.21.0	5.21.0	Jun 19, 2020	An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTTP, aka MMSA-2020-0014.
CVE-2020-14450	—	< 5.22.0	5.22.0	Jun 19, 2020	An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.
CVE-2020-14448	—	< 5.23.0	5.23.0	Jun 19, 2020	An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0020.
CVE-2020-14447	—	< 5.23.0	5.23.0	Jun 19, 2020	An issue was discovered in Mattermost Server before 5.23.0. Large webhook requests allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0021.

CVE-2020-14452Jun 19, 2020
affected < 5.21.0fixed 5.21.0
An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTTP, aka MMSA-2020-0014.
CVE-2020-14450Jun 19, 2020
affected < 5.22.0fixed 5.22.0
An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.
CVE-2020-14448Jun 19, 2020
affected < 5.23.0fixed 5.23.0
An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0020.
CVE-2020-14447Jun 19, 2020
affected < 5.23.0fixed 5.23.0
An issue was discovered in Mattermost Server before 5.23.0. Large webhook requests allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0021.

Page 6 of 6