CVE

CVE-2016-11076

Mattermost Server does not check if cookies are used over SSL in github.com/mattermost/mattermost-server

Back to all

CVE

CVE-2016-11076

Mattermost Server does not check if cookies are used over SSL in github.com/mattermost/mattermost-server

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

5.3

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.5

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Related Resources

No items found.

References

https://github.com/advisories/GHSA-379p-37xc-q963, https://nvd.nist.gov/vuln/detail/CVE-2016-11076, https://github.com/mattermost/mattermost/commit/bac25154d659883c801b3bb9a0687f46570f5bbf, https://mattermost.com/security-updates

Severity

7.5

CVSS Score

Basic Information

Ecosystem

Base CVSS

7.5

EPSS Probability

0.00311%

EPSS Percentile

0.53775%

Introduced Version

0,v0.6.0,v0.0.0-20150722124153-c39e95c7cb1a,v0.5.0,v0.0.0-20150615075332-56e74239d6b3

Fix Available

3.0.0+incompatible,v3.0.0,v0.0.0-20160429000352-ad9dfc9c42b6

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2016-11076

CVE-2016-11076

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

7.5

Basic Information

Fix Critical Vulnerabilities Instantly