Mattermost Mobile Mattermost Mobile

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Mattermost Mobile.

By the Year

In 2025 there have been 0 vulnerabilities in Mattermost Mobile. Last year, in 2024 Mattermost Mobile had 4 security vulnerabilities published. Right now, Mattermost Mobile is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 4 6.20
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Mattermost Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Mattermost Mobile Security Vulnerabilities

Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which

CVE-2024-45833 6.5 - Medium - September 16, 2024

Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary when the user has Swiftkey as the default keyboard, the masking is off and the password contains a special character..

Mattermost Mobile Apps versions <=2.16.0 fail to validate

CVE-2024-39767 6.5 - Medium - July 15, 2024

Mattermost Mobile Apps versions <=2.16.0 fail to validate that the push notifications received for a server actually came from this serve that which allows a malicious server to send push notifications with another servers diagnostic ID or server URL and have them show up in mobile apps as that servers push notifications.

authentification

Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which

CVE-2024-32945 5.3 - Medium - July 15, 2024

Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.

Missing Initialization of Resource

Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which

CVE-2024-3872 6.5 - Medium - April 16, 2024

Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Mattermost Mobile or by Mattermost? Click the Watch button to subscribe.

Mattermost
Vendor

subscribe