CNNVD-202507-2432 Information
CNNVD ID
CNNVD-202507-2432
Related CVE
- CNNVD Published: 2025-07-18
Description (Chinese)
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全漏洞,该漏洞源于批量导入JSONL文件中文件附件路径未清理,可能导致系统管理员通过路径遍历读取任意系统文件。以下版本受到影响:10.8.1及之前的10.8.x版本、10.7.3及之前的10.7.x版本、10.5.7及之前的10.5.x版本、9.11.16及之前的9.11.x版本。
Description (English)
Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Matermost, which results from the uncleaned path of bulk import of attachments to JSONL files, which may lead system administrators to read any system file through the path. The following versions were affected: 10.8.1 and earlier, 10.8.x, 10.7.3 and earlier, 10.5.7 and earlier, 10.5.x, 9.11.16 and 9.11.x.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2025-07-18
Last Modified
2026-02-24
References
https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-6233
Share on: