Is github.com/mattermost/mattermost-plugin-jira safe to use?

github.com/mattermost/mattermost-plugin-jira has 6 known vulnerabilities on the latest version (v1.1.1). DepScope rates its health at 32/100 (critical risk).

What is the latest version of github.com/mattermost/mattermost-plugin-jira?

The latest version of github.com/mattermost/mattermost-plugin-jira is v1.1.1, released 2019-02-09.

Does github.com/mattermost/mattermost-plugin-jira have known vulnerabilities?

Yes. github.com/mattermost/mattermost-plugin-jira has 6 known vulnerabilities. See depscope.dev/pkg/go/github.com/mattermost/mattermost-plugin-jira for details.

Is github.com/mattermost/mattermost-plugin-jira deprecated?

No, github.com/mattermost/mattermost-plugin-jira is actively maintained. Latest release: v1.1.1 (2019-02-09).

What are alternatives to github.com/mattermost/mattermost-plugin-jira?

DepScope has no curated alternatives for github.com/mattermost/mattermost-plugin-jira at this time.

What license does github.com/mattermost/mattermost-plugin-jira use?

github.com/mattermost/mattermost-plugin-jira is licensed under Apache-2.0.

github.com/mattermost/mattermost-plugin-jira

govv1.1.1

JIRA plugin for Mattermost 🔌

License Apache-2.0permissive9 versions81 maintainers0 deps108 weekly dl

mattermost/mattermost-plugin-jira

/ 100

Health

update required

github.com/mattermost/[email protected] has vulnerabilities — update to latest

Update to >= 8.0.0-20251121122154-b57c297c6d7a to fix known vulnerabilities

Low health score (32/100)
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

3/20

popularity

18/25

security

6/15

maturity

5/15

community

Vulnerabilities

1 high1 medium4 low

Advisories (6)

Severity	ID	Summary	Fixed in
low	BIT-mattermost-2024-23319	Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery	1.1.2-0.20230830170046-f4cf4c6de017
medium	BIT-mattermost-2024-24774	Mattermost Jira Plugin does not properly check security levels	4.0.0-rc1
high	CVE-2025-14273	Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm	4.4.1
unknown	BIT-mattermost-2024-23319	Cross-site request forgery via logout button in github.com/mattermost/mattermost-plugin-jira	1.1.2-0.20230830170046-f4cf4c6de017
unknown	BIT-mattermost-2024-24774	Mattermost Jira Plugin does not properly check security levels in github.com/mattermost/mattermost-plugin-jira	—
unknown	CVE-2025-14273	Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-plugin-jira	8.0.0-20251121122154-b57c297c6d7a

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/mattermost/mattermost-plugin-jira

Last updated · 2019-02-09T02:21:13Z

Severity

Summary

Fixed in

low

BIT-mattermost-2024-23319

Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery

1.1.2-0.20230830170046-f4cf4c6de017

medium

BIT-mattermost-2024-24774

Mattermost Jira Plugin does not properly check security levels

4.0.0-rc1

high

CVE-2025-14273

Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm

4.4.1

unknown

BIT-mattermost-2024-23319

Cross-site request forgery via logout button in github.com/mattermost/mattermost-plugin-jira

1.1.2-0.20230830170046-f4cf4c6de017

unknown

BIT-mattermost-2024-24774

Mattermost Jira Plugin does not properly check security levels in github.com/mattermost/mattermost-plugin-jira

—

unknown

CVE-2025-14273

Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-plugin-jira

8.0.0-20251121122154-b57c297c6d7a