CVE-2024-45833

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-45833

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45833.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-45833

Published

2024-09-16T07:15:03.663Z

Modified

2025-11-16T02:53:39.961258Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary when the user has Swiftkey as the default keyboard, the masking is off and the password contains a special character..

References

https://mattermost.com/security-updates

Affected packages

Git / github.com/mattermost/mattermost-mobile

Affected ranges

Type: GIT
Repo: https://github.com/mattermost/mattermost-mobile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

043d5291433127b7a5076463d01f2f9264e02b0c

Affected versions

v2.*

v2.18.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45833.json"