CVE-2024-34152 | Mattermost up to 8.1.12/9.5.3/9.6.1 GraphQL Query access control

Inserito da Angelo Barbosa | Mag 26, 2024 | CVE

A vulnerability classified as critical has been found in Mattermost up to 8.1.12/9.5.3/9.6.1. This affects an unknown part of the component GraphQL Query Handler. The manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2024-34152. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34152 | Mattermost up to 8.1.12/9.5.3/9.6.1 GraphQL Query access control

Post correlati

CVE-2024-0737 | Xlightftpd Xlight FTP Server 1.1 Login user denial of service (ID 176553)

CVE-2023-52440 | Linux Kernel up to 5.15.144/6.1.51/6.4.14/6.5/6.5.1 ksmbd ksmbd_decode_ntlmssp_auth_blob buffer overflow

CVE-2024-45195 | Apache OFBiz up to 18.12.15 Controller View direct request

CVE-2023-5685 | xnio NotifierState stack-based overflow