github.com/mattermost/mattermost-plugin-jira

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/mattermost/mattermost-plugin-jirapage 1 of 1

CVE-2024-23319LOWCVSS 3.5EG 3.5✓ Fixed in 1.1.2-0.20230830170046-f4cf4c6de017
2024-02-09
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.
CVE-2024-24774LOWCVSS 3.4EG 3.4
2024-02-09
Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give …

Check whether github.com/mattermost/mattermost-plugin-jira is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/mattermost/mattermost-plugin-jira CVEs against the assets you own.

Start Free Scan →