x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-qx3f-6vq3-8j8m

Advisory [GHSA-qx3f-6vq3-8j8m](https://github.com/advisories/GHSA-qx3f-6vq3-8j8m) references a vulnerability in the following Go modules:

| Module |
| - |
| [github.com/mattermost/mattermost-server](https://pkg.go.dev/github.com/mattermost/mattermost-server) |
| [github.com/mattermost/mattermost-server/v5](https://pkg.go.dev/github.com/mattermost/mattermost-server/v5) |
| [github.com/mattermost/mattermost-server/v6](https://pkg.go.dev/github.com/mattermost/mattermost-server/v6) |
| [github.com/mattermost/mattermost/server/v8](https://pkg.go.dev/github.com/mattermost/mattermost/server/v8) |

Description:
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.1, 10.9.x <= 10.9.3 fail to validate import directory path configuration which allows admin users to execute arbitrary code via malicious plugin upload to prepackaged plugins directory

References:
- ADVISORY: https://github.com/advisories/GHSA-qx3f-6vq3-8j8m
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2025-9079
- FIX: https://github.com/mattermost/mattermost/commit/047a2c64071749367fe02d2162f6103a3d31a883
- FIX: https://github.com/mattermost/mattermost/commit/439464883aa16a329c23cd6274c4cca7e88e238f
- FIX: https://github.com/mattermost/mattermost/commit/4ff68eea0a3f3777032d31a1a82f4b1fb492a1ac
- FIX: https://github.com/mattermost/mattermost/commit/96665b9b98a17534fcd515982a2eb26950581e41
- FIX: https://github.com/mattermost/mattermost/commit/a8fa77f107efe83f09a779f8e67cbecf236b0032
- FIX: https://github.com/mattermost/mattermost/commit/b38e2eccda182212a8032539658723c7d87e0b7e
- WEB: https://mattermost.com/security-updates

Cross references:
- github.com/mattermost/mattermost-server appears in 132 other report(s):
  - data/excluded/GO-2022-0601.yaml    (https://github.com/golang/vulndb/issues/601)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2022-1126.yaml    (https://github.com/golang/vulndb/issues/1126)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2022-1127.yaml    (https://github.com/golang/vulndb/issues/1127)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1710.yaml    (https://github.com/golang/vulndb/issues/1710)    EFFECTIVELY_PRIVATE
  - data/reports/GO-2022-0540.yaml    (https://github.com/golang/vulndb/issues/540)
  - data/reports/GO-2022-0576.yaml    (https://github.com/golang/vulndb/issues/576)
  - data/reports/GO-2022-0595.yaml    (https://github.com/golang/vulndb/issues/595)
  - data/reports/GO-2022-0599.yaml    (https://github.com/golang/vulndb/issues/599)
  - data/reports/GO-2022-0604.yaml    (https://github.com/golang/vulndb/issues/604)
  - data/reports/GO-2022-0616.yaml    (https://github.com/golang/vulndb/issues/616)
  - data/reports/GO-2023-1939.yaml    (https://github.com/golang/vulndb/issues/1939)
  - data/reports/GO-2024-2444.yaml    (https://github.com/golang/vulndb/issues/2444)
  - data/reports/GO-2024-2446.yaml    (https://github.com/golang/vulndb/issues/2446)
  - data/reports/GO-2024-2448.yaml    (https://github.com/golang/vulndb/issues/2448)
  - data/reports/GO-2024-2450.yaml    (https://github.com/golang/vulndb/issues/2450)
  - data/reports/GO-2024-2541.yaml    (https://github.com/golang/vulndb/issues/2541)
  - data/reports/GO-2024-2566.yaml    (https://github.com/golang/vulndb/issues/2566)
  - data/reports/GO-2024-2588.yaml    (https://github.com/golang/vulndb/issues/2588)
  - data/reports/GO-2024-2589.yaml    (https://github.com/golang/vulndb/issues/2589)
  - data/reports/GO-2024-2590.yaml    (https://github.com/golang/vulndb/issues/2590)
  - data/reports/GO-2024-2591.yaml    (https://github.com/golang/vulndb/issues/2591)
  - data/reports/GO-2024-2592.yaml    (https://github.com/golang/vulndb/issues/2592)
  - data/reports/GO-2024-2593.yaml    (https://github.com/golang/vulndb/issues/2593)
  - data/reports/GO-2024-2594.yaml    (https://github.com/golang/vulndb/issues/2594)
  - data/reports/GO-2024-2595.yaml    (https://github.com/golang/vulndb/issues/2595)
  - data/reports/GO-2024-2635.yaml    (https://github.com/golang/vulndb/issues/2635)
  - data/reports/GO-2024-2695.yaml    (https://github.com/golang/vulndb/issues/2695)
  - data/reports/GO-2024-2696.yaml    (https://github.com/golang/vulndb/issues/2696)
  - data/reports/GO-2024-2706.yaml    (https://github.com/golang/vulndb/issues/2706)
  - data/reports/GO-2024-2707.yaml    (https://github.com/golang/vulndb/issues/2707)
  - data/reports/GO-2024-2793.yaml    (https://github.com/golang/vulndb/issues/2793)
  - data/reports/GO-2024-2794.yaml    (https://github.com/golang/vulndb/issues/2794)
  - data/reports/GO-2024-2795.yaml    (https://github.com/golang/vulndb/issues/2795)
  - data/reports/GO-2024-2796.yaml    (https://github.com/golang/vulndb/issues/2796)
  - data/reports/GO-2024-2797.yaml    (https://github.com/golang/vulndb/issues/2797)
  - data/reports/GO-2024-2798.yaml    (https://github.com/golang/vulndb/issues/2798)
  - data/reports/GO-2024-3020.yaml    (https://github.com/golang/vulndb/issues/3020)
  - data/reports/GO-2024-3022.yaml    (https://github.com/golang/vulndb/issues/3022)
  - data/reports/GO-2024-3023.yaml    (https://github.com/golang/vulndb/issues/3023)
  - data/reports/GO-2024-3024.yaml    (https://github.com/golang/vulndb/issues/3024)
  - data/reports/GO-2024-3025.yaml    (https://github.com/golang/vulndb/issues/3025)
  - data/reports/GO-2024-3028.yaml    (https://github.com/golang/vulndb/issues/3028)
  - data/reports/GO-2024-3030.yaml    (https://github.com/golang/vulndb/issues/3030)
  - data/reports/GO-2024-3031.yaml    (https://github.com/golang/vulndb/issues/3031)
  - data/reports/GO-2024-3032.yaml    (https://github.com/golang/vulndb/issues/3032)
  - data/reports/GO-2024-3089.yaml    (https://github.com/golang/vulndb/issues/3089)
  - data/reports/GO-2024-3090.yaml    (https://github.com/golang/vulndb/issues/3090)
  - data/reports/GO-2024-3091.yaml    (https://github.com/golang/vulndb/issues/3091)
  - data/reports/GO-2024-3092.yaml    (https://github.com/golang/vulndb/issues/3092)
  - data/reports/GO-2024-3093.yaml    (https://github.com/golang/vulndb/issues/3093)
  - data/reports/GO-2024-3094.yaml    (https://github.com/golang/vulndb/issues/3094)
  - data/reports/GO-2024-3096.yaml    (https://github.com/golang/vulndb/issues/3096)
  - data/reports/GO-2024-3097.yaml    (https://github.com/golang/vulndb/issues/3097)
  - data/reports/GO-2024-3164.yaml    (https://github.com/golang/vulndb/issues/3164)
  - data/reports/GO-2024-3227.yaml    (https://github.com/golang/vulndb/issues/3227)
  - data/reports/GO-2024-3232.yaml    (https://github.com/golang/vulndb/issues/3232)
  - data/reports/GO-2024-3233.yaml    (https://github.com/golang/vulndb/issues/3233)
  - data/reports/GO-2024-3234.yaml    (https://github.com/golang/vulndb/issues/3234)
  - data/reports/GO-2024-3235.yaml    (https://github.com/golang/vulndb/issues/3235)
  - data/reports/GO-2024-3334.yaml    (https://github.com/golang/vulndb/issues/3334)
  - data/reports/GO-2024-3337.yaml    (https://github.com/golang/vulndb/issues/3337)
  - data/reports/GO-2024-3338.yaml    (https://github.com/golang/vulndb/issues/3338)
  - data/reports/GO-2024-3340.yaml    (https://github.com/golang/vulndb/issues/3340)
  - data/reports/GO-2025-3377.yaml    (https://github.com/golang/vulndb/issues/3377)
  - data/reports/GO-2025-3379.yaml    (https://github.com/golang/vulndb/issues/3379)
  - data/reports/GO-2025-3380.yaml    (https://github.com/golang/vulndb/issues/3380)
  - data/reports/GO-2025-3392.yaml    (https://github.com/golang/vulndb/issues/3392)
  - data/reports/GO-2025-3393.yaml    (https://github.com/golang/vulndb/issues/3393)
  - data/reports/GO-2025-3394.yaml    (https://github.com/golang/vulndb/issues/3394)
  - data/reports/GO-2025-3407.yaml    (https://github.com/golang/vulndb/issues/3407)
  - data/reports/GO-2025-3480.yaml    (https://github.com/golang/vulndb/issues/3480)
  - data/reports/GO-2025-3481.yaml    (https://github.com/golang/vulndb/issues/3481)
  - data/reports/GO-2025-3482.yaml    (https://github.com/golang/vulndb/issues/3482)
  - data/reports/GO-2025-3483.yaml    (https://github.com/golang/vulndb/issues/3483)
  - data/reports/GO-2025-3534.yaml    (https://github.com/golang/vulndb/issues/3534)
  - data/reports/GO-2025-3549.yaml    (https://github.com/golang/vulndb/issues/3549)
  - data/reports/GO-2025-3550.yaml    (https://github.com/golang/vulndb/issues/3550)
  - data/reports/GO-2025-3551.yaml    (https://github.com/golang/vulndb/issues/3551)
  - data/reports/GO-2025-3552.yaml    (https://github.com/golang/vulndb/issues/3552)
  - data/reports/GO-2025-3555.yaml    (https://github.com/golang/vulndb/issues/3555)
  - data/reports/GO-2025-3556.yaml    (https://github.com/golang/vulndb/issues/3556)
  - data/reports/GO-2025-3604.yaml    (https://github.com/golang/vulndb/issues/3604)
  - data/reports/GO-2025-3609.yaml    (https://github.com/golang/vulndb/issues/3609)
  - data/reports/GO-2025-3610.yaml    (https://github.com/golang/vulndb/issues/3610)
  - data/reports/GO-2025-3611.yaml    (https://github.com/golang/vulndb/issues/3611)
  - data/reports/GO-2025-3618.yaml    (https://github.com/golang/vulndb/issues/3618)
  - data/reports/GO-2025-3619.yaml    (https://github.com/golang/vulndb/issues/3619)
  - data/reports/GO-2025-3620.yaml    (https://github.com/golang/vulndb/issues/3620)
  - data/reports/GO-2025-3621.yaml    (https://github.com/golang/vulndb/issues/3621)
  - data/reports/GO-2025-3622.yaml    (https://github.com/golang/vulndb/issues/3622)
  - data/reports/GO-2025-3623.yaml    (https://github.com/golang/vulndb/issues/3623)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3691.yaml    (https://github.com/golang/vulndb/issues/3691)
  - data/reports/GO-2025-3692.yaml    (https://github.com/golang/vulndb/issues/3692)
  - data/reports/GO-2025-3693.yaml    (https://github.com/golang/vulndb/issues/3693)
  - data/reports/GO-2025-3694.yaml    (https://github.com/golang/vulndb/issues/3694)
  - data/reports/GO-2025-3724.yaml    (https://github.com/golang/vulndb/issues/3724)
  - data/reports/GO-2025-3728.yaml    (https://github.com/golang/vulndb/issues/3728)
  - data/reports/GO-2025-3729.yaml    (https://github.com/golang/vulndb/issues/3729)
  - data/reports/GO-2025-3730.yaml    (https://github.com/golang/vulndb/issues/3730)
  - data/reports/GO-2025-3731.yaml    (https://github.com/golang/vulndb/issues/3731)
  - data/reports/GO-2025-3756.yaml    (https://github.com/golang/vulndb/issues/3756)
  - data/reports/GO-2025-3757.yaml    (https://github.com/golang/vulndb/issues/3757)
  - data/reports/GO-2025-3769.yaml    (https://github.com/golang/vulndb/issues/3769)
  - data/reports/GO-2025-3771.yaml    (https://github.com/golang/vulndb/issues/3771)
  - data/reports/GO-2025-3772.yaml    (https://github.com/golang/vulndb/issues/3772)
  - data/reports/GO-2025-3796.yaml    (https://github.com/golang/vulndb/issues/3796)
  - data/reports/GO-2025-3797.yaml    (https://github.com/golang/vulndb/issues/3797)
  - data/reports/GO-2025-3818.yaml    (https://github.com/golang/vulndb/issues/3818)
  - data/reports/GO-2025-3819.yaml    (https://github.com/golang/vulndb/issues/3819)
  - data/reports/GO-2025-3820.yaml    (https://github.com/golang/vulndb/issues/3820)
  - data/reports/GO-2025-3901.yaml    (https://github.com/golang/vulndb/issues/3901)
  - data/reports/GO-2025-3902.yaml    (https://github.com/golang/vulndb/issues/3902)
  - data/reports/GO-2025-3903.yaml    (https://github.com/golang/vulndb/issues/3903)
  - data/reports/GO-2025-3904.yaml    (https://github.com/golang/vulndb/issues/3904)
  - data/reports/GO-2025-3905.yaml    (https://github.com/golang/vulndb/issues/3905)
  - data/reports/GO-2025-3906.yaml    (https://github.com/golang/vulndb/issues/3906)
  - data/reports/GO-2025-3907.yaml    (https://github.com/golang/vulndb/issues/3907)
  - data/reports/GO-2025-3910.yaml    (https://github.com/golang/vulndb/issues/3910)
  - data/reports/GO-2025-3911.yaml    (https://github.com/golang/vulndb/issues/3911)
  - data/reports/GO-2025-3950.yaml    (https://github.com/golang/vulndb/issues/3950)
  - data/reports/GO-2025-3958.yaml    (https://github.com/golang/vulndb/issues/3958)
  - data/reports/GO-2025-3959.yaml    (https://github.com/golang/vulndb/issues/3959)
  - data/reports/GO-2025-3960.yaml    (https://github.com/golang/vulndb/issues/3960)
- github.com/mattermost/mattermost-server/v5 appears in 116 other report(s):
  - data/reports/GO-2022-0540.yaml    (https://github.com/golang/vulndb/issues/540)
  - data/reports/GO-2022-0576.yaml    (https://github.com/golang/vulndb/issues/576)
  - data/reports/GO-2022-0595.yaml    (https://github.com/golang/vulndb/issues/595)
  - data/reports/GO-2022-0599.yaml    (https://github.com/golang/vulndb/issues/599)
  - data/reports/GO-2022-0604.yaml    (https://github.com/golang/vulndb/issues/604)
  - data/reports/GO-2022-0616.yaml    (https://github.com/golang/vulndb/issues/616)
  - data/reports/GO-2023-1939.yaml    (https://github.com/golang/vulndb/issues/1939)
  - data/reports/GO-2024-2444.yaml    (https://github.com/golang/vulndb/issues/2444)
  - data/reports/GO-2024-2446.yaml    (https://github.com/golang/vulndb/issues/2446)
  - data/reports/GO-2024-2448.yaml    (https://github.com/golang/vulndb/issues/2448)
  - data/reports/GO-2024-2450.yaml    (https://github.com/golang/vulndb/issues/2450)
  - data/reports/GO-2024-2541.yaml    (https://github.com/golang/vulndb/issues/2541)
  - data/reports/GO-2024-2566.yaml    (https://github.com/golang/vulndb/issues/2566)
  - data/reports/GO-2024-2588.yaml    (https://github.com/golang/vulndb/issues/2588)
  - data/reports/GO-2024-2589.yaml    (https://github.com/golang/vulndb/issues/2589)
  - data/reports/GO-2024-2590.yaml    (https://github.com/golang/vulndb/issues/2590)
  - data/reports/GO-2024-2591.yaml    (https://github.com/golang/vulndb/issues/2591)
  - data/reports/GO-2024-2592.yaml    (https://github.com/golang/vulndb/issues/2592)
  - data/reports/GO-2024-2593.yaml    (https://github.com/golang/vulndb/issues/2593)
  - data/reports/GO-2024-2594.yaml    (https://github.com/golang/vulndb/issues/2594)
  - data/reports/GO-2024-2595.yaml    (https://github.com/golang/vulndb/issues/2595)
  - data/reports/GO-2024-2635.yaml    (https://github.com/golang/vulndb/issues/2635)
  - data/reports/GO-2024-2695.yaml    (https://github.com/golang/vulndb/issues/2695)
  - data/reports/GO-2024-2696.yaml    (https://github.com/golang/vulndb/issues/2696)
  - data/reports/GO-2024-2706.yaml    (https://github.com/golang/vulndb/issues/2706)
  - data/reports/GO-2024-2707.yaml    (https://github.com/golang/vulndb/issues/2707)
  - data/reports/GO-2024-3020.yaml    (https://github.com/golang/vulndb/issues/3020)
  - data/reports/GO-2024-3022.yaml    (https://github.com/golang/vulndb/issues/3022)
  - data/reports/GO-2024-3023.yaml    (https://github.com/golang/vulndb/issues/3023)
  - data/reports/GO-2024-3024.yaml    (https://github.com/golang/vulndb/issues/3024)
  - data/reports/GO-2024-3025.yaml    (https://github.com/golang/vulndb/issues/3025)
  - data/reports/GO-2024-3028.yaml    (https://github.com/golang/vulndb/issues/3028)
  - data/reports/GO-2024-3030.yaml    (https://github.com/golang/vulndb/issues/3030)
  - data/reports/GO-2024-3031.yaml    (https://github.com/golang/vulndb/issues/3031)
  - data/reports/GO-2024-3032.yaml    (https://github.com/golang/vulndb/issues/3032)
  - data/reports/GO-2024-3089.yaml    (https://github.com/golang/vulndb/issues/3089)
  - data/reports/GO-2024-3090.yaml    (https://github.com/golang/vulndb/issues/3090)
  - data/reports/GO-2024-3091.yaml    (https://github.com/golang/vulndb/issues/3091)
  - data/reports/GO-2024-3092.yaml    (https://github.com/golang/vulndb/issues/3092)
  - data/reports/GO-2024-3093.yaml    (https://github.com/golang/vulndb/issues/3093)
  - data/reports/GO-2024-3094.yaml    (https://github.com/golang/vulndb/issues/3094)
  - data/reports/GO-2024-3096.yaml    (https://github.com/golang/vulndb/issues/3096)
  - data/reports/GO-2024-3097.yaml    (https://github.com/golang/vulndb/issues/3097)
  - data/reports/GO-2024-3164.yaml    (https://github.com/golang/vulndb/issues/3164)
  - data/reports/GO-2024-3227.yaml    (https://github.com/golang/vulndb/issues/3227)
  - data/reports/GO-2024-3232.yaml    (https://github.com/golang/vulndb/issues/3232)
  - data/reports/GO-2024-3233.yaml    (https://github.com/golang/vulndb/issues/3233)
  - data/reports/GO-2024-3234.yaml    (https://github.com/golang/vulndb/issues/3234)
  - data/reports/GO-2024-3235.yaml    (https://github.com/golang/vulndb/issues/3235)
  - data/reports/GO-2024-3334.yaml    (https://github.com/golang/vulndb/issues/3334)
  - data/reports/GO-2024-3337.yaml    (https://github.com/golang/vulndb/issues/3337)
  - data/reports/GO-2024-3338.yaml    (https://github.com/golang/vulndb/issues/3338)
  - data/reports/GO-2024-3340.yaml    (https://github.com/golang/vulndb/issues/3340)
  - data/reports/GO-2025-3377.yaml    (https://github.com/golang/vulndb/issues/3377)
  - data/reports/GO-2025-3379.yaml    (https://github.com/golang/vulndb/issues/3379)
  - data/reports/GO-2025-3380.yaml    (https://github.com/golang/vulndb/issues/3380)
  - data/reports/GO-2025-3392.yaml    (https://github.com/golang/vulndb/issues/3392)
  - data/reports/GO-2025-3393.yaml    (https://github.com/golang/vulndb/issues/3393)
  - data/reports/GO-2025-3394.yaml    (https://github.com/golang/vulndb/issues/3394)
  - data/reports/GO-2025-3407.yaml    (https://github.com/golang/vulndb/issues/3407)
  - data/reports/GO-2025-3480.yaml    (https://github.com/golang/vulndb/issues/3480)
  - data/reports/GO-2025-3481.yaml    (https://github.com/golang/vulndb/issues/3481)
  - data/reports/GO-2025-3482.yaml    (https://github.com/golang/vulndb/issues/3482)
  - data/reports/GO-2025-3483.yaml    (https://github.com/golang/vulndb/issues/3483)
  - data/reports/GO-2025-3534.yaml    (https://github.com/golang/vulndb/issues/3534)
  - data/reports/GO-2025-3549.yaml    (https://github.com/golang/vulndb/issues/3549)
  - data/reports/GO-2025-3550.yaml    (https://github.com/golang/vulndb/issues/3550)
  - data/reports/GO-2025-3551.yaml    (https://github.com/golang/vulndb/issues/3551)
  - data/reports/GO-2025-3552.yaml    (https://github.com/golang/vulndb/issues/3552)
  - data/reports/GO-2025-3555.yaml    (https://github.com/golang/vulndb/issues/3555)
  - data/reports/GO-2025-3556.yaml    (https://github.com/golang/vulndb/issues/3556)
  - data/reports/GO-2025-3604.yaml    (https://github.com/golang/vulndb/issues/3604)
  - data/reports/GO-2025-3609.yaml    (https://github.com/golang/vulndb/issues/3609)
  - data/reports/GO-2025-3610.yaml    (https://github.com/golang/vulndb/issues/3610)
  - data/reports/GO-2025-3611.yaml    (https://github.com/golang/vulndb/issues/3611)
  - data/reports/GO-2025-3618.yaml    (https://github.com/golang/vulndb/issues/3618)
  - data/reports/GO-2025-3619.yaml    (https://github.com/golang/vulndb/issues/3619)
  - data/reports/GO-2025-3620.yaml    (https://github.com/golang/vulndb/issues/3620)
  - data/reports/GO-2025-3621.yaml    (https://github.com/golang/vulndb/issues/3621)
  - data/reports/GO-2025-3622.yaml    (https://github.com/golang/vulndb/issues/3622)
  - data/reports/GO-2025-3623.yaml    (https://github.com/golang/vulndb/issues/3623)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3691.yaml    (https://github.com/golang/vulndb/issues/3691)
  - data/reports/GO-2025-3692.yaml    (https://github.com/golang/vulndb/issues/3692)
  - data/reports/GO-2025-3693.yaml    (https://github.com/golang/vulndb/issues/3693)
  - data/reports/GO-2025-3694.yaml    (https://github.com/golang/vulndb/issues/3694)
  - data/reports/GO-2025-3724.yaml    (https://github.com/golang/vulndb/issues/3724)
  - data/reports/GO-2025-3728.yaml    (https://github.com/golang/vulndb/issues/3728)
  - data/reports/GO-2025-3729.yaml    (https://github.com/golang/vulndb/issues/3729)
  - data/reports/GO-2025-3730.yaml    (https://github.com/golang/vulndb/issues/3730)
  - data/reports/GO-2025-3731.yaml    (https://github.com/golang/vulndb/issues/3731)
  - data/reports/GO-2025-3756.yaml    (https://github.com/golang/vulndb/issues/3756)
  - data/reports/GO-2025-3757.yaml    (https://github.com/golang/vulndb/issues/3757)
  - data/reports/GO-2025-3769.yaml    (https://github.com/golang/vulndb/issues/3769)
  - data/reports/GO-2025-3771.yaml    (https://github.com/golang/vulndb/issues/3771)
  - data/reports/GO-2025-3772.yaml    (https://github.com/golang/vulndb/issues/3772)
  - data/reports/GO-2025-3796.yaml    (https://github.com/golang/vulndb/issues/3796)
  - data/reports/GO-2025-3797.yaml    (https://github.com/golang/vulndb/issues/3797)
  - data/reports/GO-2025-3818.yaml    (https://github.com/golang/vulndb/issues/3818)
  - data/reports/GO-2025-3819.yaml    (https://github.com/golang/vulndb/issues/3819)
  - data/reports/GO-2025-3820.yaml    (https://github.com/golang/vulndb/issues/3820)
  - data/reports/GO-2025-3901.yaml    (https://github.com/golang/vulndb/issues/3901)
  - data/reports/GO-2025-3902.yaml    (https://github.com/golang/vulndb/issues/3902)
  - data/reports/GO-2025-3903.yaml    (https://github.com/golang/vulndb/issues/3903)
  - data/reports/GO-2025-3904.yaml    (https://github.com/golang/vulndb/issues/3904)
  - data/reports/GO-2025-3905.yaml    (https://github.com/golang/vulndb/issues/3905)
  - data/reports/GO-2025-3906.yaml    (https://github.com/golang/vulndb/issues/3906)
  - data/reports/GO-2025-3907.yaml    (https://github.com/golang/vulndb/issues/3907)
  - data/reports/GO-2025-3910.yaml    (https://github.com/golang/vulndb/issues/3910)
  - data/reports/GO-2025-3911.yaml    (https://github.com/golang/vulndb/issues/3911)
  - data/reports/GO-2025-3950.yaml    (https://github.com/golang/vulndb/issues/3950)
  - data/reports/GO-2025-3958.yaml    (https://github.com/golang/vulndb/issues/3958)
  - data/reports/GO-2025-3959.yaml    (https://github.com/golang/vulndb/issues/3959)
  - data/reports/GO-2025-3960.yaml    (https://github.com/golang/vulndb/issues/3960)
- github.com/mattermost/mattermost-server/v6 appears in 138 other report(s):
  - data/excluded/GO-2022-1028.yaml    (https://github.com/golang/vulndb/issues/1028)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1711.yaml    (https://github.com/golang/vulndb/issues/1711)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1712.yaml    (https://github.com/golang/vulndb/issues/1712)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1727.yaml    (https://github.com/golang/vulndb/issues/1727)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1778.yaml    (https://github.com/golang/vulndb/issues/1778)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-1873.yaml    (https://github.com/golang/vulndb/issues/1873)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2007.yaml    (https://github.com/golang/vulndb/issues/2007)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2008.yaml    (https://github.com/golang/vulndb/issues/2008)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2009.yaml    (https://github.com/golang/vulndb/issues/2009)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2010.yaml    (https://github.com/golang/vulndb/issues/2010)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2087.yaml    (https://github.com/golang/vulndb/issues/2087)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2089.yaml    (https://github.com/golang/vulndb/issues/2089)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2090.yaml    (https://github.com/golang/vulndb/issues/2090)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2091.yaml    (https://github.com/golang/vulndb/issues/2091)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2093.yaml    (https://github.com/golang/vulndb/issues/2093)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2358.yaml    (https://github.com/golang/vulndb/issues/2358)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2359.yaml    (https://github.com/golang/vulndb/issues/2359)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2360.yaml    (https://github.com/golang/vulndb/issues/2360)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2361.yaml    (https://github.com/golang/vulndb/issues/2361)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2362.yaml    (https://github.com/golang/vulndb/issues/2362)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2363.yaml    (https://github.com/golang/vulndb/issues/2363)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2364.yaml    (https://github.com/golang/vulndb/issues/2364)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2365.yaml    (https://github.com/golang/vulndb/issues/2365)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2366.yaml    (https://github.com/golang/vulndb/issues/2366)    EFFECTIVELY_PRIVATE
  - data/reports/GO-2022-0540.yaml    (https://github.com/golang/vulndb/issues/540)
  - data/reports/GO-2022-0576.yaml    (https://github.com/golang/vulndb/issues/576)
  - data/reports/GO-2022-0595.yaml    (https://github.com/golang/vulndb/issues/595)
  - data/reports/GO-2022-0599.yaml    (https://github.com/golang/vulndb/issues/599)
  - data/reports/GO-2022-0616.yaml    (https://github.com/golang/vulndb/issues/616)
  - data/reports/GO-2024-2444.yaml    (https://github.com/golang/vulndb/issues/2444)
  - data/reports/GO-2024-2446.yaml    (https://github.com/golang/vulndb/issues/2446)
  - data/reports/GO-2024-2448.yaml    (https://github.com/golang/vulndb/issues/2448)
  - data/reports/GO-2024-2450.yaml    (https://github.com/golang/vulndb/issues/2450)
  - data/reports/GO-2024-2541.yaml    (https://github.com/golang/vulndb/issues/2541)
  - data/reports/GO-2024-2566.yaml    (https://github.com/golang/vulndb/issues/2566)
  - data/reports/GO-2024-2588.yaml    (https://github.com/golang/vulndb/issues/2588)
  - data/reports/GO-2024-2589.yaml    (https://github.com/golang/vulndb/issues/2589)
  - data/reports/GO-2024-2590.yaml    (https://github.com/golang/vulndb/issues/2590)
  - data/reports/GO-2024-2591.yaml    (https://github.com/golang/vulndb/issues/2591)
  - data/reports/GO-2024-2592.yaml    (https://github.com/golang/vulndb/issues/2592)
  - data/reports/GO-2024-2593.yaml    (https://github.com/golang/vulndb/issues/2593)
  - data/reports/GO-2024-2594.yaml    (https://github.com/golang/vulndb/issues/2594)
  - data/reports/GO-2024-2595.yaml    (https://github.com/golang/vulndb/issues/2595)
  - data/reports/GO-2024-2635.yaml    (https://github.com/golang/vulndb/issues/2635)
  - data/reports/GO-2024-2695.yaml    (https://github.com/golang/vulndb/issues/2695)
  - data/reports/GO-2024-2696.yaml    (https://github.com/golang/vulndb/issues/2696)
  - data/reports/GO-2024-2706.yaml    (https://github.com/golang/vulndb/issues/2706)
  - data/reports/GO-2024-2707.yaml    (https://github.com/golang/vulndb/issues/2707)
  - data/reports/GO-2024-3020.yaml    (https://github.com/golang/vulndb/issues/3020)
  - data/reports/GO-2024-3022.yaml    (https://github.com/golang/vulndb/issues/3022)
  - data/reports/GO-2024-3023.yaml    (https://github.com/golang/vulndb/issues/3023)
  - data/reports/GO-2024-3024.yaml    (https://github.com/golang/vulndb/issues/3024)
  - data/reports/GO-2024-3025.yaml    (https://github.com/golang/vulndb/issues/3025)
  - data/reports/GO-2024-3028.yaml    (https://github.com/golang/vulndb/issues/3028)
  - data/reports/GO-2024-3030.yaml    (https://github.com/golang/vulndb/issues/3030)
  - data/reports/GO-2024-3031.yaml    (https://github.com/golang/vulndb/issues/3031)
  - data/reports/GO-2024-3032.yaml    (https://github.com/golang/vulndb/issues/3032)
  - data/reports/GO-2024-3089.yaml    (https://github.com/golang/vulndb/issues/3089)
  - data/reports/GO-2024-3090.yaml    (https://github.com/golang/vulndb/issues/3090)
  - data/reports/GO-2024-3091.yaml    (https://github.com/golang/vulndb/issues/3091)
  - data/reports/GO-2024-3092.yaml    (https://github.com/golang/vulndb/issues/3092)
  - data/reports/GO-2024-3093.yaml    (https://github.com/golang/vulndb/issues/3093)
  - data/reports/GO-2024-3094.yaml    (https://github.com/golang/vulndb/issues/3094)
  - data/reports/GO-2024-3096.yaml    (https://github.com/golang/vulndb/issues/3096)
  - data/reports/GO-2024-3097.yaml    (https://github.com/golang/vulndb/issues/3097)
  - data/reports/GO-2024-3164.yaml    (https://github.com/golang/vulndb/issues/3164)
  - data/reports/GO-2024-3227.yaml    (https://github.com/golang/vulndb/issues/3227)
  - data/reports/GO-2024-3232.yaml    (https://github.com/golang/vulndb/issues/3232)
  - data/reports/GO-2024-3233.yaml    (https://github.com/golang/vulndb/issues/3233)
  - data/reports/GO-2024-3234.yaml    (https://github.com/golang/vulndb/issues/3234)
  - data/reports/GO-2024-3235.yaml    (https://github.com/golang/vulndb/issues/3235)
  - data/reports/GO-2024-3334.yaml    (https://github.com/golang/vulndb/issues/3334)
  - data/reports/GO-2024-3337.yaml    (https://github.com/golang/vulndb/issues/3337)
  - data/reports/GO-2024-3338.yaml    (https://github.com/golang/vulndb/issues/3338)
  - data/reports/GO-2024-3340.yaml    (https://github.com/golang/vulndb/issues/3340)
  - data/reports/GO-2025-3377.yaml    (https://github.com/golang/vulndb/issues/3377)
  - data/reports/GO-2025-3379.yaml    (https://github.com/golang/vulndb/issues/3379)
  - data/reports/GO-2025-3380.yaml    (https://github.com/golang/vulndb/issues/3380)
  - data/reports/GO-2025-3392.yaml    (https://github.com/golang/vulndb/issues/3392)
  - data/reports/GO-2025-3393.yaml    (https://github.com/golang/vulndb/issues/3393)
  - data/reports/GO-2025-3394.yaml    (https://github.com/golang/vulndb/issues/3394)
  - data/reports/GO-2025-3407.yaml    (https://github.com/golang/vulndb/issues/3407)
  - data/reports/GO-2025-3480.yaml    (https://github.com/golang/vulndb/issues/3480)
  - data/reports/GO-2025-3481.yaml    (https://github.com/golang/vulndb/issues/3481)
  - data/reports/GO-2025-3482.yaml    (https://github.com/golang/vulndb/issues/3482)
  - data/reports/GO-2025-3483.yaml    (https://github.com/golang/vulndb/issues/3483)
  - data/reports/GO-2025-3534.yaml    (https://github.com/golang/vulndb/issues/3534)
  - data/reports/GO-2025-3549.yaml    (https://github.com/golang/vulndb/issues/3549)
  - data/reports/GO-2025-3550.yaml    (https://github.com/golang/vulndb/issues/3550)
  - data/reports/GO-2025-3551.yaml    (https://github.com/golang/vulndb/issues/3551)
  - data/reports/GO-2025-3552.yaml    (https://github.com/golang/vulndb/issues/3552)
  - data/reports/GO-2025-3555.yaml    (https://github.com/golang/vulndb/issues/3555)
  - data/reports/GO-2025-3556.yaml    (https://github.com/golang/vulndb/issues/3556)
  - data/reports/GO-2025-3604.yaml    (https://github.com/golang/vulndb/issues/3604)
  - data/reports/GO-2025-3609.yaml    (https://github.com/golang/vulndb/issues/3609)
  - data/reports/GO-2025-3610.yaml    (https://github.com/golang/vulndb/issues/3610)
  - data/reports/GO-2025-3611.yaml    (https://github.com/golang/vulndb/issues/3611)
  - data/reports/GO-2025-3618.yaml    (https://github.com/golang/vulndb/issues/3618)
  - data/reports/GO-2025-3619.yaml    (https://github.com/golang/vulndb/issues/3619)
  - data/reports/GO-2025-3620.yaml    (https://github.com/golang/vulndb/issues/3620)
  - data/reports/GO-2025-3621.yaml    (https://github.com/golang/vulndb/issues/3621)
  - data/reports/GO-2025-3622.yaml    (https://github.com/golang/vulndb/issues/3622)
  - data/reports/GO-2025-3623.yaml    (https://github.com/golang/vulndb/issues/3623)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3691.yaml    (https://github.com/golang/vulndb/issues/3691)
  - data/reports/GO-2025-3692.yaml    (https://github.com/golang/vulndb/issues/3692)
  - data/reports/GO-2025-3693.yaml    (https://github.com/golang/vulndb/issues/3693)
  - data/reports/GO-2025-3694.yaml    (https://github.com/golang/vulndb/issues/3694)
  - data/reports/GO-2025-3724.yaml    (https://github.com/golang/vulndb/issues/3724)
  - data/reports/GO-2025-3728.yaml    (https://github.com/golang/vulndb/issues/3728)
  - data/reports/GO-2025-3729.yaml    (https://github.com/golang/vulndb/issues/3729)
  - data/reports/GO-2025-3730.yaml    (https://github.com/golang/vulndb/issues/3730)
  - data/reports/GO-2025-3731.yaml    (https://github.com/golang/vulndb/issues/3731)
  - data/reports/GO-2025-3756.yaml    (https://github.com/golang/vulndb/issues/3756)
  - data/reports/GO-2025-3757.yaml    (https://github.com/golang/vulndb/issues/3757)
  - data/reports/GO-2025-3769.yaml    (https://github.com/golang/vulndb/issues/3769)
  - data/reports/GO-2025-3771.yaml    (https://github.com/golang/vulndb/issues/3771)
  - data/reports/GO-2025-3772.yaml    (https://github.com/golang/vulndb/issues/3772)
  - data/reports/GO-2025-3796.yaml    (https://github.com/golang/vulndb/issues/3796)
  - data/reports/GO-2025-3797.yaml    (https://github.com/golang/vulndb/issues/3797)
  - data/reports/GO-2025-3818.yaml    (https://github.com/golang/vulndb/issues/3818)
  - data/reports/GO-2025-3819.yaml    (https://github.com/golang/vulndb/issues/3819)
  - data/reports/GO-2025-3820.yaml    (https://github.com/golang/vulndb/issues/3820)
  - data/reports/GO-2025-3901.yaml    (https://github.com/golang/vulndb/issues/3901)
  - data/reports/GO-2025-3902.yaml    (https://github.com/golang/vulndb/issues/3902)
  - data/reports/GO-2025-3903.yaml    (https://github.com/golang/vulndb/issues/3903)
  - data/reports/GO-2025-3904.yaml    (https://github.com/golang/vulndb/issues/3904)
  - data/reports/GO-2025-3905.yaml    (https://github.com/golang/vulndb/issues/3905)
  - data/reports/GO-2025-3906.yaml    (https://github.com/golang/vulndb/issues/3906)
  - data/reports/GO-2025-3907.yaml    (https://github.com/golang/vulndb/issues/3907)
  - data/reports/GO-2025-3910.yaml    (https://github.com/golang/vulndb/issues/3910)
  - data/reports/GO-2025-3911.yaml    (https://github.com/golang/vulndb/issues/3911)
  - data/reports/GO-2025-3950.yaml    (https://github.com/golang/vulndb/issues/3950)
  - data/reports/GO-2025-3958.yaml    (https://github.com/golang/vulndb/issues/3958)
  - data/reports/GO-2025-3959.yaml    (https://github.com/golang/vulndb/issues/3959)
  - data/reports/GO-2025-3960.yaml    (https://github.com/golang/vulndb/issues/3960)
- github.com/mattermost/mattermost/server/v8 appears in 122 other report(s):
  - data/excluded/GO-2023-2182.yaml    (https://github.com/golang/vulndb/issues/2182)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2183.yaml    (https://github.com/golang/vulndb/issues/2183)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2184.yaml    (https://github.com/golang/vulndb/issues/2184)    EFFECTIVELY_PRIVATE
  - data/excluded/GO-2023-2390.yaml    (https://github.com/golang/vulndb/issues/2390)    EFFECTIVELY_PRIVATE
  - data/reports/GO-2024-2444.yaml    (https://github.com/golang/vulndb/issues/2444)
  - data/reports/GO-2024-2446.yaml    (https://github.com/golang/vulndb/issues/2446)
  - data/reports/GO-2024-2448.yaml    (https://github.com/golang/vulndb/issues/2448)
  - data/reports/GO-2024-2450.yaml    (https://github.com/golang/vulndb/issues/2450)
  - data/reports/GO-2024-2541.yaml    (https://github.com/golang/vulndb/issues/2541)
  - data/reports/GO-2024-2566.yaml    (https://github.com/golang/vulndb/issues/2566)
  - data/reports/GO-2024-2588.yaml    (https://github.com/golang/vulndb/issues/2588)
  - data/reports/GO-2024-2589.yaml    (https://github.com/golang/vulndb/issues/2589)
  - data/reports/GO-2024-2590.yaml    (https://github.com/golang/vulndb/issues/2590)
  - data/reports/GO-2024-2591.yaml    (https://github.com/golang/vulndb/issues/2591)
  - data/reports/GO-2024-2592.yaml    (https://github.com/golang/vulndb/issues/2592)
  - data/reports/GO-2024-2593.yaml    (https://github.com/golang/vulndb/issues/2593)
  - data/reports/GO-2024-2594.yaml    (https://github.com/golang/vulndb/issues/2594)
  - data/reports/GO-2024-2595.yaml    (https://github.com/golang/vulndb/issues/2595)
  - data/reports/GO-2024-2635.yaml    (https://github.com/golang/vulndb/issues/2635)
  - data/reports/GO-2024-2695.yaml    (https://github.com/golang/vulndb/issues/2695)
  - data/reports/GO-2024-2696.yaml    (https://github.com/golang/vulndb/issues/2696)
  - data/reports/GO-2024-2706.yaml    (https://github.com/golang/vulndb/issues/2706)
  - data/reports/GO-2024-2707.yaml    (https://github.com/golang/vulndb/issues/2707)
  - data/reports/GO-2024-3020.yaml    (https://github.com/golang/vulndb/issues/3020)
  - data/reports/GO-2024-3022.yaml    (https://github.com/golang/vulndb/issues/3022)
  - data/reports/GO-2024-3023.yaml    (https://github.com/golang/vulndb/issues/3023)
  - data/reports/GO-2024-3024.yaml    (https://github.com/golang/vulndb/issues/3024)
  - data/reports/GO-2024-3025.yaml    (https://github.com/golang/vulndb/issues/3025)
  - data/reports/GO-2024-3028.yaml    (https://github.com/golang/vulndb/issues/3028)
  - data/reports/GO-2024-3030.yaml    (https://github.com/golang/vulndb/issues/3030)
  - data/reports/GO-2024-3031.yaml    (https://github.com/golang/vulndb/issues/3031)
  - data/reports/GO-2024-3032.yaml    (https://github.com/golang/vulndb/issues/3032)
  - data/reports/GO-2024-3089.yaml    (https://github.com/golang/vulndb/issues/3089)
  - data/reports/GO-2024-3090.yaml    (https://github.com/golang/vulndb/issues/3090)
  - data/reports/GO-2024-3091.yaml    (https://github.com/golang/vulndb/issues/3091)
  - data/reports/GO-2024-3092.yaml    (https://github.com/golang/vulndb/issues/3092)
  - data/reports/GO-2024-3093.yaml    (https://github.com/golang/vulndb/issues/3093)
  - data/reports/GO-2024-3094.yaml    (https://github.com/golang/vulndb/issues/3094)
  - data/reports/GO-2024-3096.yaml    (https://github.com/golang/vulndb/issues/3096)
  - data/reports/GO-2024-3097.yaml    (https://github.com/golang/vulndb/issues/3097)
  - data/reports/GO-2024-3164.yaml    (https://github.com/golang/vulndb/issues/3164)
  - data/reports/GO-2024-3227.yaml    (https://github.com/golang/vulndb/issues/3227)
  - data/reports/GO-2024-3232.yaml    (https://github.com/golang/vulndb/issues/3232)
  - data/reports/GO-2024-3233.yaml    (https://github.com/golang/vulndb/issues/3233)
  - data/reports/GO-2024-3234.yaml    (https://github.com/golang/vulndb/issues/3234)
  - data/reports/GO-2024-3235.yaml    (https://github.com/golang/vulndb/issues/3235)
  - data/reports/GO-2024-3334.yaml    (https://github.com/golang/vulndb/issues/3334)
  - data/reports/GO-2024-3337.yaml    (https://github.com/golang/vulndb/issues/3337)
  - data/reports/GO-2024-3338.yaml    (https://github.com/golang/vulndb/issues/3338)
  - data/reports/GO-2024-3340.yaml    (https://github.com/golang/vulndb/issues/3340)
  - data/reports/GO-2025-3377.yaml    (https://github.com/golang/vulndb/issues/3377)
  - data/reports/GO-2025-3379.yaml    (https://github.com/golang/vulndb/issues/3379)
  - data/reports/GO-2025-3380.yaml    (https://github.com/golang/vulndb/issues/3380)
  - data/reports/GO-2025-3392.yaml    (https://github.com/golang/vulndb/issues/3392)
  - data/reports/GO-2025-3393.yaml    (https://github.com/golang/vulndb/issues/3393)
  - data/reports/GO-2025-3394.yaml    (https://github.com/golang/vulndb/issues/3394)
  - data/reports/GO-2025-3407.yaml    (https://github.com/golang/vulndb/issues/3407)
  - data/reports/GO-2025-3480.yaml    (https://github.com/golang/vulndb/issues/3480)
  - data/reports/GO-2025-3481.yaml    (https://github.com/golang/vulndb/issues/3481)
  - data/reports/GO-2025-3482.yaml    (https://github.com/golang/vulndb/issues/3482)
  - data/reports/GO-2025-3483.yaml    (https://github.com/golang/vulndb/issues/3483)
  - data/reports/GO-2025-3534.yaml    (https://github.com/golang/vulndb/issues/3534)
  - data/reports/GO-2025-3549.yaml    (https://github.com/golang/vulndb/issues/3549)
  - data/reports/GO-2025-3550.yaml    (https://github.com/golang/vulndb/issues/3550)
  - data/reports/GO-2025-3551.yaml    (https://github.com/golang/vulndb/issues/3551)
  - data/reports/GO-2025-3552.yaml    (https://github.com/golang/vulndb/issues/3552)
  - data/reports/GO-2025-3555.yaml    (https://github.com/golang/vulndb/issues/3555)
  - data/reports/GO-2025-3556.yaml    (https://github.com/golang/vulndb/issues/3556)
  - data/reports/GO-2025-3604.yaml    (https://github.com/golang/vulndb/issues/3604)
  - data/reports/GO-2025-3609.yaml    (https://github.com/golang/vulndb/issues/3609)
  - data/reports/GO-2025-3610.yaml    (https://github.com/golang/vulndb/issues/3610)
  - data/reports/GO-2025-3611.yaml    (https://github.com/golang/vulndb/issues/3611)
  - data/reports/GO-2025-3618.yaml    (https://github.com/golang/vulndb/issues/3618)
  - data/reports/GO-2025-3619.yaml    (https://github.com/golang/vulndb/issues/3619)
  - data/reports/GO-2025-3620.yaml    (https://github.com/golang/vulndb/issues/3620)
  - data/reports/GO-2025-3621.yaml    (https://github.com/golang/vulndb/issues/3621)
  - data/reports/GO-2025-3622.yaml    (https://github.com/golang/vulndb/issues/3622)
  - data/reports/GO-2025-3623.yaml    (https://github.com/golang/vulndb/issues/3623)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3642.yaml    (https://github.com/golang/vulndb/issues/3642)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3643.yaml    (https://github.com/golang/vulndb/issues/3643)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3644.yaml    (https://github.com/golang/vulndb/issues/3644)
  - data/reports/GO-2025-3691.yaml    (https://github.com/golang/vulndb/issues/3691)
  - data/reports/GO-2025-3692.yaml    (https://github.com/golang/vulndb/issues/3692)
  - data/reports/GO-2025-3693.yaml    (https://github.com/golang/vulndb/issues/3693)
  - data/reports/GO-2025-3694.yaml    (https://github.com/golang/vulndb/issues/3694)
  - data/reports/GO-2025-3724.yaml    (https://github.com/golang/vulndb/issues/3724)
  - data/reports/GO-2025-3728.yaml    (https://github.com/golang/vulndb/issues/3728)
  - data/reports/GO-2025-3729.yaml    (https://github.com/golang/vulndb/issues/3729)
  - data/reports/GO-2025-3730.yaml    (https://github.com/golang/vulndb/issues/3730)
  - data/reports/GO-2025-3731.yaml    (https://github.com/golang/vulndb/issues/3731)
  - data/reports/GO-2025-3756.yaml    (https://github.com/golang/vulndb/issues/3756)
  - data/reports/GO-2025-3757.yaml    (https://github.com/golang/vulndb/issues/3757)
  - data/reports/GO-2025-3769.yaml    (https://github.com/golang/vulndb/issues/3769)
  - data/reports/GO-2025-3771.yaml    (https://github.com/golang/vulndb/issues/3771)
  - data/reports/GO-2025-3772.yaml    (https://github.com/golang/vulndb/issues/3772)
  - data/reports/GO-2025-3796.yaml    (https://github.com/golang/vulndb/issues/3796)
  - data/reports/GO-2025-3797.yaml    (https://github.com/golang/vulndb/issues/3797)
  - data/reports/GO-2025-3818.yaml    (https://github.com/golang/vulndb/issues/3818)
  - data/reports/GO-2025-3819.yaml    (https://github.com/golang/vulndb/issues/3819)
  - data/reports/GO-2025-3820.yaml    (https://github.com/golang/vulndb/issues/3820)
  - data/reports/GO-2025-3901.yaml    (https://github.com/golang/vulndb/issues/3901)
  - data/reports/GO-2025-3902.yaml    (https://github.com/golang/vulndb/issues/3902)
  - data/reports/GO-2025-3903.yaml    (https://github.com/golang/vulndb/issues/3903)
  - data/reports/GO-2025-3904.yaml    (https://github.com/golang/vulndb/issues/3904)
  - data/reports/GO-2025-3905.yaml    (https://github.com/golang/vulndb/issues/3905)
  - data/reports/GO-2025-3906.yaml    (https://github.com/golang/vulndb/issues/3906)
  - data/reports/GO-2025-3907.yaml    (https://github.com/golang/vulndb/issues/3907)
  - data/reports/GO-2025-3910.yaml    (https://github.com/golang/vulndb/issues/3910)
  - data/reports/GO-2025-3911.yaml    (https://github.com/golang/vulndb/issues/3911)
  - data/reports/GO-2025-3950.yaml    (https://github.com/golang/vulndb/issues/3950)
  - data/reports/GO-2025-3958.yaml    (https://github.com/golang/vulndb/issues/3958)
  - data/reports/GO-2025-3959.yaml    (https://github.com/golang/vulndb/issues/3959)
  - data/reports/GO-2025-3960.yaml    (https://github.com/golang/vulndb/issues/3960)

See [doc/quickstart.md](https://github.com/golang/vulndb/blob/master/doc/quickstart.md) for instructions on how to triage this report.

```
id: GO-ID-PENDING
modules:
    - module: github.com/mattermost/mattermost-server
      versions:
        - introduced: 9.11.0+incompatible
        - fixed: 9.11.18+incompatible
        - introduced: 10.5.0+incompatible
        - fixed: 10.5.9+incompatible
        - introduced: 10.8.0+incompatible
        - fixed: 10.8.4+incompatible
        - introduced: 10.9.0+incompatible
        - fixed: 10.9.4+incompatible
        - introduced: 10.10.0+incompatible
        - fixed: 10.10.2+incompatible
      vulnerable_at: 10.10.2-rc4+incompatible
    - module: github.com/mattermost/mattermost-server/v5
      vulnerable_at: 5.39.3
    - module: github.com/mattermost/mattermost-server/v6
      vulnerable_at: 6.7.2
    - module: github.com/mattermost/mattermost/server/v8
      versions:
        - fixed: 8.0.0-20250707221302-a8fa77f107ef
summary: Mattermost Path Traversal vulnerability in github.com/mattermost/mattermost-server
cves:
    - CVE-2025-9079
ghsas:
    - GHSA-qx3f-6vq3-8j8m
references:
    - advisory: https://github.com/advisories/GHSA-qx3f-6vq3-8j8m
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-9079
    - fix: https://github.com/mattermost/mattermost/commit/047a2c64071749367fe02d2162f6103a3d31a883
    - fix: https://github.com/mattermost/mattermost/commit/439464883aa16a329c23cd6274c4cca7e88e238f
    - fix: https://github.com/mattermost/mattermost/commit/4ff68eea0a3f3777032d31a1a82f4b1fb492a1ac
    - fix: https://github.com/mattermost/mattermost/commit/96665b9b98a17534fcd515982a2eb26950581e41
    - fix: https://github.com/mattermost/mattermost/commit/a8fa77f107efe83f09a779f8e67cbecf236b0032
    - fix: https://github.com/mattermost/mattermost/commit/b38e2eccda182212a8032539658723c7d87e0b7e
    - web: https://mattermost.com/security-updates
notes:
    - fix: 'github.com/mattermost/mattermost/server/v8: could not add vulnerable_at: could not find tagged version between introduced and fixed'
source:
    id: GHSA-qx3f-6vq3-8j8m
    created: 2025-09-20T00:05:08.785992999Z
review_status: UNREVIEWED

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-qx3f-6vq3-8j8m #3977

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

x/vulndb: potential Go vuln in github.com/mattermost/mattermost/server/v8: GHSA-qx3f-6vq3-8j8m #3977

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions