x/vulndb: potential Go vuln in github.com/mattermost/mattermost: GHSA-j2h2-cvwh-cr64

In GitHub Security Advisory [GHSA-j2h2-cvwh-cr64](https://github.com/advisories/GHSA-j2h2-cvwh-cr64), there is a vulnerability in the following Go packages or modules:

| Unit | Fixed | Vulnerable Ranges |
| - | - | - |
| [github.com/mattermost/mattermost](https://pkg.go.dev/github.com/mattermost/mattermost) | 5.20.0 | < 5.20.0 |

Cross references:
No existing reports found with this module or alias.

See [doc/triage.md](https://github.com/golang/vulndb/blob/master/doc/triage.md) for instructions on how to triage this report.

```
modules:
    - module: github.com/mattermost/mattermost
      versions:
        - fixed: 5.20.0
      vulnerable_at: 5.11.1+incompatible
      packages:
        - package: github.com/mattermost/mattermost
summary: Mattermost Server Sensitive Data Exposure
description: |-
    An issue was discovered in Mattermost Server before 5.20.0. Non-members can
    receive broadcasted team details via the `update_team` WebSocket event, aka
    MMSA-2020-0012.
cves:
    - CVE-2020-14457
ghsas:
    - GHSA-j2h2-cvwh-cr64
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2020-14457
    - web: https://mattermost.com/security-updates/
    - fix: https://github.com/mattermost/mattermost/pull/13848
    - advisory: https://github.com/advisories/GHSA-j2h2-cvwh-cr64

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

x/vulndb: potential Go vuln in github.com/mattermost/mattermost: GHSA-j2h2-cvwh-cr64 #1939

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

x/vulndb: potential Go vuln in github.com/mattermost/mattermost: GHSA-j2h2-cvwh-cr64 #1939

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions