x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-p5pr-vm3j-jxxf

[GoVulnBot]

In GitHub Security Advisory GHSA-p5pr-vm3j-jxxf, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/mattermost/mattermost-server/v6	7.8.13	< 7.8.13

Cross references:

• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-7ggc-5r84-xf54 #540 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-32rp-q37p-jg6w #576 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-f37q-q7p2-ccfc #595 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-fxwj-v664-wv5g #599 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-m7w4-q5vg-5xfp #1028 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-63f2-6959-2pxj #1711 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-8jhh-3jf2-pfwr #1712 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-9hj7-v56g-rhf6 #1727 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-7g2v-2frm-rg94 #1778 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-455c-vqrf-mghr #1873 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-6xjj-v76v-fwpj #2007 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-9rww-66w7-7vjx #2008 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-g3v6-r8p9-wxg9 #2009 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-p267-jjfq-pphf #2010 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-33r7-wjfc-7w98 #2087 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-9hwp-cj7m-wjw4 #2089 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-h69v-mvh9-hfrq #2090 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-h8wh-f7gw-fwpr #2091 EFFECTIVELY_PRIVATE
• Module github.com/mattermost/mattermost-server/v6 appears in issue x/vulndb: potential Go vuln in github.com/mattermost/mattermost-server/v6: GHSA-rp65-jpc7-8h8p #2093 EFFECTIVELY_PRIVATE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/mattermost/mattermost-server/v6
      versions:
        - fixed: 7.8.13
      packages:
        - package: github.com/mattermost/mattermost-server/v6
    - module: github.com/mattermost/mattermost-server/v6
      versions:
        - fixed: 8.1.4
      packages:
        - package: github.com/mattermost/mattermost/server/v8
summary: |-
    Mattermost Exposure of Sensitive Information to an Unauthorized Actor
    vulnerability
cves:
    - CVE-2023-45223
ghsas:
    - GHSA-p5pr-vm3j-jxxf
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2023-45223
    - web: https://mattermost.com/security-updates
    - advisory: https://github.com/advisories/GHSA-p5pr-vm3j-jxxf

[gopherbot]

Change https://go.dev/cl/545818 mentions this issue: data/excluded: batch add 13 excluded reports

[gopherbot]

Change https://go.dev/cl/592764 mentions this issue: data/reports: unexclude 31 reports