github.com/mattermost/.../app vulnerabilities

licenses detected

(AGPL-3.0 OR Apache-2.0)
>=v0

View app package health on Snyk Advisor (opens in a new tab)

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the github.com/mattermost/mattermost/server/channels/app package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Incorrect Authorization	<9.11.10>=10.4.0 <10.4.4>=10.5.0 <10.5.2
M Incorrect Authorization	<9.11.10>=10.4.0 <10.4.4>=10.5.0 <10.5.2
M Incorrect Authorization	>=9.11.0-rc1 <9.11.10>=10.0.0-rc1 <10.4.4>=10.5.0-rc1 <10.5.2
M Incorrect Authorization	<9.11.9>=10.0.0-rc1 <10.5.0
H Missing Authentication for Critical Function	<9.11.9>=10.3.0-rc1 <10.3.4>=10.4.0-rc1 <10.4.3>=10.5.0-rc1 <10.5.1
M Incorrect Authorization	>=9.11.0-rc1 <9.11.9-rc1>=10.0.0-rc1 <10.5.0-rc3
L Session Fixation	<10.5.0
M Improper Validation of Specified Type of Input	>=9.11.0 <9.11.6>=10.0.0 <10.0.4>=10.1.0-rc1 <10.1.4>=10.2.0 <10.2.1
M Race Condition	>=9.5.0 <9.5.13-rc1>=9.11.0 <9.11.5-rc1>=10.0.0 <10.0.3-rc1>=10.1.0 <10.1.3-rc1
M Incorrect Authorization	<9.9.3
L Improper Access Control	>=9.5.0 <9.5.9
M Improper Check for Unusual or Exceptional Conditions	>=9.5.0-rc1 <9.5.9-rc1>=9.11.0-rc1 <9.11.1-rc1