x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-r67m-mf7v-qp7j #2182
Description
In GitHub Security Advisory GHSA-r67m-mf7v-qp7j, there is a vulnerability in the following Go packages or modules:
| Unit | Fixed | Vulnerable Ranges |
|---|---|---|
| github.com/mattermost/mattermost/server/v8 | 9.0.1 | = 9.0.0 |
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
modules:
- module: github.com/mattermost/mattermost/server/v8
versions:
- introduced: TODO (earliest fixed "9.0.1", vuln range "= 9.0.0")
packages:
- package: github.com/mattermost/mattermost/server/v8
- module: github.com/mattermost/mattermost/server/v8
versions:
- introduced: 8.1.0
fixed: 8.1.3
packages:
- package: github.com/mattermost/mattermost/server/v8
- module: github.com/mattermost/mattermost/server/v8
versions:
- introduced: 8.0.0
fixed: 8.0.4
packages:
- package: github.com/mattermost/mattermost/server/v8
- module: github.com/mattermost/mattermost/server/v8
versions:
- fixed: 7.8.12
packages:
- package: github.com/mattermost/mattermost-server/v6
summary: Mattermost password hash disclosure vulnerability
cves:
- CVE-2023-5968
ghsas:
- GHSA-r67m-mf7v-qp7j
references:
- web: https://nvd.nist.gov/vuln/detail/CVE-2023-5968
- web: https://mattermost.com/security-updates
- advisory: https://github.com/advisories/GHSA-r67m-mf7v-qp7j