data/reports/GO-2025-4031.yaml - vulndb - Git at Google

 id: GO-2025-4031
 modules:
     - module: github.com/mattermost/mattermost-server
       unsupported_versions:
         - cve_version_range: 'affected from 10.5.0 to 10.5.10 (default: unaffected)'
         - cve_version_range: 'affected from 10.11.0 to 10.11.2 (default: unaffected)'
         - cve_version_range: 'unaffected at 10.12.0 (default: unaffected)'
         - cve_version_range: 'unaffected at 10.5.11 (default: unaffected)'
         - cve_version_range: 'unaffected at 10.11.3 (default: unaffected)'
       vulnerable_at: 11.0.4+incompatible
 summary: Guest user can discover active public channels in github.com/mattermost/mattermost-server
 cves:
     - CVE-2025-41443
 ghsas:
     - GHSA-7cr3-38jm-6p45
 credits:
     - lordwillmore
 references:
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-41443
     - web: https://mattermost.com/security-updates
 source:
     id: CVE-2025-41443
     created: 2025-10-28T17:35:43.726068794Z
 review_status: UNREVIEWED
	id: GO-2025-4031
	modules:
	- module: github.com/mattermost/mattermost-server
	unsupported_versions:
	- cve_version_range: 'affected from 10.5.0 to 10.5.10 (default: unaffected)'
	- cve_version_range: 'affected from 10.11.0 to 10.11.2 (default: unaffected)'
	- cve_version_range: 'unaffected at 10.12.0 (default: unaffected)'
	- cve_version_range: 'unaffected at 10.5.11 (default: unaffected)'
	- cve_version_range: 'unaffected at 10.11.3 (default: unaffected)'
	vulnerable_at: 11.0.4+incompatible
	summary: Guest user can discover active public channels in github.com/mattermost/mattermost-server
	cves:
	- CVE-2025-41443
	ghsas:
	- GHSA-7cr3-38jm-6p45
	credits:
	- lordwillmore
	references:
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-41443
	- web: https://mattermost.com/security-updates
	source:
	id: CVE-2025-41443
	created: 2025-10-28T17:35:43.726068794Z
	review_status: UNREVIEWED