8.7
CVE-2024-55954 - OpenObserve Improper Authorization Allows Admin User to Remove Root User
OpenObserve is a cloud-native observability platform. A vulnerability in the user management endpoint `/api/{org_id}/users/{email_id}` allows an "Admin" role user to remove a "Root" user from the organization. This violates the intended privilege hierarchy, enabling a non-root user to remove the hiβ¦
6.9
CVE-2024-56136 - /api/v1/jwt/fetch_api_key endpoint can leak if an email address has an account in Zulip server
Zulip server provides an open-source team chat that helps teams stay productive and focused. Zulip Server 7.0 and above are vulnerable to an information disclose attack, where, if a Zulip server is hosting multiple organizations, an unauthenticated user can make a request and determine if an email β¦
5.3
CVE-2024-36402 - Unauthenticated writes to the media repository allow planting of problematic content in Matrix Mediβ¦
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then β¦
5.3
CVE-2024-36403 - Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating enβ¦
5
CVE-2024-52602 - Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. This is fixed in MMR v1.3.8. Users are advised to upgrβ¦
5.3
CVE-2024-52791 - Denial of service through memory exhaustion in Matrix Media Repo
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR makes requests to other servers as part of normal operation, and these resource owners can return large amounts of JSON back to MMR for parsing. In parsing, MMR can consume large amounts of memory andβ¦
6.8
CVE-2024-56515 - Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matriβ¦
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled (they are disabled by default), a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in ImageMaβ¦
4.3
CVE-2024-52594 - Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib
Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit `c4f1e01` fixes this issue. Users are advised to upgrade. Users unable to upgrade shoulβ¦
6.5
CVE-2025-20630 - Mobile crash via object that can't be cast to String in Attachment Field
Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel.
6.5
CVE-2025-20621 - Webapp crash via object that can't be cast to String in Attachment Field
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel.