[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-18878":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":548,"aliases":549,"duplicate_of":9,"upstream":552,"downstream":553,"duplicates":556,"related":557,"reserved_at":9,"published_at":559,"modified_at":560,"state":561,"summary":562,"references_raw":571,"kevs":611,"epss":612,"epss_history":615,"metrics":873,"affected":886},"CVE-2017-18878","An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-732","Incorrect Permission Assignment for Critical Resource","The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.","weakness","Draft","Class","High",[20,68,222,256,298,320,333,337,498,502,506],{"id":21,"name":22,"techniques":23},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[24],{"id":25,"name":26,"tactics":27,"countermeasures":43},"T1574.010","Services File Permissions Weakness",[28,31,34,37,40],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",{"id":35,"name":36},"TA0030","Defense Evasion",{"id":38,"name":39},"TA0005","Stealth",{"id":41,"name":42},"TA0104","Execution",[44,49,53,58,63],{"id":45,"name":46,"tactic":47},"D3-SWI","Software Inventory",{"name":48},"Model",{"id":50,"name":51,"tactic":52},"D3-AVE","Asset Vulnerability Enumeration",{"name":48},{"id":54,"name":55,"tactic":56},"D3-SBV","Service Binary Verification",{"name":57},"Detect",{"id":59,"name":60,"tactic":61},"D3-SU","Software Update",{"name":62},"Harden",{"id":64,"name":65,"tactic":66},"D3-RS","Restore Software",{"name":67},"Restore",{"id":69,"name":70,"techniques":71},"CAPEC-122","Privilege Abuse",[72],{"id":73,"name":74,"tactics":75,"countermeasures":78},"T1548","Abuse Elevation Control Mechanism",[76,77],{"id":35,"name":36},{"id":32,"name":33},[79,83,87,91,95,99,103,107,111,115,119,123,127,131,136,140,145,149,153,157,161,165,169,173,177,181,186,190,194,198,202,206,210,214,218],{"id":80,"name":81,"tactic":82},"D3-CI","Configuration Inventory",{"name":48},{"id":84,"name":85,"tactic":86},"D3-AM","Access Modeling",{"name":48},{"id":88,"name":89,"tactic":90},"D3-DI","Data Inventory",{"name":48},{"id":92,"name":93,"tactic":94},"D3-NTPM","Network Traffic Policy Mapping",{"name":48},{"id":96,"name":97,"tactic":98},"D3-AEM","Application Exception Monitoring",{"name":57},{"id":100,"name":101,"tactic":102},"D3-SCA","System Call Analysis",{"name":57},{"id":104,"name":105,"tactic":106},"D3-SFA","System File Analysis",{"name":57},{"id":108,"name":109,"tactic":110},"D3-FA","File Analysis",{"name":57},{"id":112,"name":113,"tactic":114},"D3-FIM","File Integrity Monitoring",{"name":57},{"id":116,"name":117,"tactic":118},"D3-OPM","Operational Process Monitoring",{"name":57},{"id":120,"name":121,"tactic":122},"D3-DA","Dynamic Analysis",{"name":57},{"id":124,"name":125,"tactic":126},"D3-EFA","Emulated File Analysis",{"name":57},{"id":128,"name":129,"tactic":130},"D3-PSA","Process Spawn Analysis",{"name":57},{"id":132,"name":133,"tactic":134},"D3-FEV","File Eviction",{"name":135},"Evict",{"id":137,"name":138,"tactic":139},"D3-AL","Account Locking",{"name":135},{"id":141,"name":142,"tactic":143},"D3-DF","Decoy File",{"name":144},"Deceive",{"id":146,"name":147,"tactic":148},"D3-FE","File Encryption",{"name":62},{"id":150,"name":151,"tactic":152},"D3-AA","Agent Authentication",{"name":62},{"id":154,"name":155,"tactic":156},"D3-CDP","Change Default Password",{"name":62},{"id":158,"name":159,"tactic":160},"D3-SCP","System Configuration Permissions",{"name":62},{"id":162,"name":163,"tactic":164},"D3-RC","Restore Configuration",{"name":67},{"id":166,"name":167,"tactic":168},"D3-RF","Restore File",{"name":67},{"id":170,"name":171,"tactic":172},"D3-ULA","Unlock Account",{"name":67},{"id":174,"name":175,"tactic":176},"D3-RUAA","Restore User Account Access",{"name":67},{"id":178,"name":179,"tactic":180},"D3-RD","Restore Database",{"name":67},{"id":182,"name":183,"tactic":184},"D3-SCF","System Call Filtering",{"name":185},"Isolate",{"id":187,"name":188,"tactic":189},"D3-CF","Content Filtering",{"name":185},{"id":191,"name":192,"tactic":193},"D3-LFP","Local File Permissions",{"name":185},{"id":195,"name":196,"tactic":197},"D3-RFAM","Remote File Access Mediation",{"name":185},{"id":199,"name":200,"tactic":201},"D3-CQ","Content Quarantine",{"name":185},{"id":203,"name":204,"tactic":205},"D3-CM","Content Modification",{"name":185},{"id":207,"name":208,"tactic":209},"D3-UAP","User Account Permissions",{"name":185},{"id":211,"name":212,"tactic":213},"D3-EAL","Executable Allowlisting",{"name":185},{"id":215,"name":216,"tactic":217},"D3-EDL","Executable Denylisting",{"name":185},{"id":219,"name":220,"tactic":221},"D3-HBPI","Hardware-based Process Isolation",{"name":185},{"id":223,"name":224,"techniques":225},"CAPEC-127","Directory Indexing",[226],{"id":227,"name":228,"tactics":229,"countermeasures":233},"T1083","File and Directory Discovery",[230],{"id":231,"name":232},"TA0102","Discovery",[234,236,238,240,242,244,246,248,250,252,254],{"id":108,"name":109,"tactic":235},{"name":57},{"id":112,"name":113,"tactic":237},{"name":57},{"id":132,"name":133,"tactic":239},{"name":135},{"id":141,"name":142,"tactic":241},{"name":144},{"id":146,"name":147,"tactic":243},{"name":62},{"id":166,"name":167,"tactic":245},{"name":67},{"id":191,"name":192,"tactic":247},{"name":185},{"id":187,"name":188,"tactic":249},{"name":185},{"id":195,"name":196,"tactic":251},{"name":185},{"id":199,"name":200,"tactic":253},{"name":185},{"id":203,"name":204,"tactic":255},{"name":185},{"id":257,"name":258,"techniques":259},"CAPEC-17","Using Malicious Files",[260,280],{"id":261,"name":262,"tactics":263,"countermeasures":269},"T1574.005","Executable Installer File Permissions Weakness",[264,265,266,267,268],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[270,272,274,276,278],{"id":45,"name":46,"tactic":271},{"name":48},{"id":50,"name":51,"tactic":273},{"name":48},{"id":54,"name":55,"tactic":275},{"name":57},{"id":59,"name":60,"tactic":277},{"name":62},{"id":64,"name":65,"tactic":279},{"name":67},{"id":25,"name":26,"tactics":281,"countermeasures":287},[282,283,284,285,286],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[288,290,292,294,296],{"id":45,"name":46,"tactic":289},{"name":48},{"id":50,"name":51,"tactic":291},{"name":48},{"id":54,"name":55,"tactic":293},{"name":57},{"id":59,"name":60,"tactic":295},{"name":62},{"id":64,"name":65,"tactic":297},{"name":67},{"id":299,"name":300,"techniques":301},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[302],{"id":25,"name":26,"tactics":303,"countermeasures":309},[304,305,306,307,308],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[310,312,314,316,318],{"id":45,"name":46,"tactic":311},{"name":48},{"id":50,"name":51,"tactic":313},{"name":48},{"id":54,"name":55,"tactic":315},{"name":57},{"id":59,"name":60,"tactic":317},{"name":62},{"id":64,"name":65,"tactic":319},{"name":67},{"id":321,"name":322,"techniques":323},"CAPEC-206","Signing Malicious Code",[324],{"id":325,"name":326,"tactics":327,"countermeasures":332},"T1553.002","Code Signing",[328,329],{"id":35,"name":36},{"id":330,"name":331},"TA0112","Defense Impairment",[],{"id":334,"name":335,"techniques":336},"CAPEC-234","Hijacking a privileged process",[],{"id":338,"name":339,"techniques":340},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[341,393],{"id":342,"name":343,"tactics":344,"countermeasures":348},"T1134.001","Token Impersonation/Theft",[345,346,347],{"id":35,"name":36},{"id":38,"name":39},{"id":32,"name":33},[349,353,357,361,365,369,373,377,381,385,389],{"id":350,"name":351,"tactic":352},"D3-CCSA","Credential Compromise Scope Analysis",{"name":57},{"id":354,"name":355,"tactic":356},"D3-CR","Credential Revocation",{"name":135},{"id":358,"name":359,"tactic":360},"D3-ANCI","Authentication Cache Invalidation",{"name":135},{"id":362,"name":363,"tactic":364},"D3-DUC","Decoy User Credential",{"name":144},{"id":366,"name":367,"tactic":368},"D3-CH","Credential Hardening",{"name":62},{"id":370,"name":371,"tactic":372},"D3-MFA","Multi-factor Authentication",{"name":62},{"id":374,"name":375,"tactic":376},"D3-CRO","Credential Rotation",{"name":62},{"id":378,"name":379,"tactic":380},"D3-TB","Token Binding",{"name":62},{"id":382,"name":383,"tactic":384},"D3-TBA","Token-based Authentication",{"name":62},{"id":386,"name":387,"tactic":388},"D3-RIC","Reissue Credential",{"name":67},{"id":390,"name":391,"tactic":392},"D3-CTS","Credential Transmission Scoping",{"name":185},{"id":394,"name":395,"tactics":396,"countermeasures":401},"T1550.004","Web Session Cookie",[397,398],{"id":35,"name":36},{"id":399,"name":400},"TA0109","Lateral Movement",[402,406,410,414,418,422,426,430,434,438,442,444,446,450,454,458,462,464,466,468,470,472,474,476,480,484,486,488,492,496],{"id":403,"name":404,"tactic":405},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":57},{"id":407,"name":408,"tactic":409},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":57},{"id":411,"name":412,"tactic":413},"D3-CSPP","Client-server Payload Profiling",{"name":57},{"id":415,"name":416,"tactic":417},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":57},{"id":419,"name":420,"tactic":421},"D3-NTSA","Network Traffic Signature Analysis",{"name":57},{"id":423,"name":424,"tactic":425},"D3-APCA","Application Protocol Command Analysis",{"name":57},{"id":427,"name":428,"tactic":429},"D3-NTCD","Network Traffic Community Deviation",{"name":57},{"id":431,"name":432,"tactic":433},"D3-RTSD","Remote Terminal Session Detection",{"name":57},{"id":435,"name":436,"tactic":437},"D3-PLA","Process Lineage Analysis",{"name":57},{"id":439,"name":440,"tactic":441},"D3-PSMD","Process Self-Modification Detection",{"name":57},{"id":128,"name":129,"tactic":443},{"name":57},{"id":350,"name":351,"tactic":445},{"name":57},{"id":447,"name":448,"tactic":449},"D3-PT","Process Termination",{"name":135},{"id":451,"name":452,"tactic":453},"D3-PS","Process Suspension",{"name":135},{"id":455,"name":456,"tactic":457},"D3-HR","Host Reboot",{"name":135},{"id":459,"name":460,"tactic":461},"D3-HS","Host Shutdown",{"name":135},{"id":354,"name":355,"tactic":463},{"name":135},{"id":358,"name":359,"tactic":465},{"name":135},{"id":362,"name":363,"tactic":467},{"name":144},{"id":366,"name":367,"tactic":469},{"name":62},{"id":370,"name":371,"tactic":471},{"name":62},{"id":374,"name":375,"tactic":473},{"name":62},{"id":386,"name":387,"tactic":475},{"name":67},{"id":477,"name":478,"tactic":479},"D3-NTF","Network Traffic Filtering",{"name":185},{"id":481,"name":482,"tactic":483},"D3-KBPI","Kernel-based Process Isolation",{"name":185},{"id":182,"name":183,"tactic":485},{"name":185},{"id":219,"name":220,"tactic":487},{"name":185},{"id":489,"name":490,"tactic":491},"D3-ABPI","Application-based Process Isolation",{"name":185},{"id":493,"name":494,"tactic":495},"D3-WSAM","Web Session Access Mediation",{"name":185},{"id":390,"name":391,"tactic":497},{"name":185},{"id":499,"name":500,"techniques":501},"CAPEC-61","Session Fixation",[],{"id":503,"name":504,"techniques":505},"CAPEC-62","Cross Site Request Forgery",[],{"id":507,"name":508,"techniques":509},"CAPEC-642","Replace Binaries",[510,516,530],{"id":511,"name":512,"tactics":513,"countermeasures":515},"T1505.005","Terminal Services DLL",[514],{"id":29,"name":30},[],{"id":517,"name":518,"tactics":519,"countermeasures":521},"T1554","Compromise Host Software Binary",[520],{"id":29,"name":30},[522,524,526,528],{"id":45,"name":46,"tactic":523},{"name":48},{"id":50,"name":51,"tactic":525},{"name":48},{"id":59,"name":60,"tactic":527},{"name":62},{"id":64,"name":65,"tactic":529},{"name":67},{"id":261,"name":262,"tactics":531,"countermeasures":537},[532,533,534,535,536],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[538,540,542,544,546],{"id":45,"name":46,"tactic":539},{"name":48},{"id":50,"name":51,"tactic":541},{"name":48},{"id":54,"name":55,"tactic":543},{"name":57},{"id":59,"name":60,"tactic":545},{"name":62},{"id":64,"name":65,"tactic":547},{"name":67},[],[550,551],"GHSA-h564-6gc2-fcc6","GO-2025-4191",[],[554],{"_key":555},"SUSE-SU-2026:0037-1",[],[558],{"_key":555},"2020-06-19T18:08:20.000Z","2024-08-05T21:37:44.337Z","Modified",{"cisa_kev":563,"cisa_ransomware":563,"cisa_vendor":9,"epss_severity":564,"epss_score":565,"severity":566,"severity_score":567,"severity_version":568,"severity_source":569,"severity_vector":570,"severity_status":561},false,"low",0.00172,"medium",4.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",[572,579,585,590,594,598,603,607],{"url":573,"sources":574,"tags":576},"https://mattermost.com/security-updates/",[575,569],"cve.org",[577,578],"X Refsource CONFIRM","Vendor Advisory",{"url":580,"sources":581,"tags":583},"https://nvd.nist.gov/vuln/detail/CVE-2017-18878",[582],"osv_go",[584],"Advisory",{"url":586,"sources":587,"tags":588},"https://github.com/mattermost/mattermost/commit/6be8113eb60cf5ddd2dc1c3f4db05cae0c183086",[582],[589],"WEB",{"url":591,"sources":592,"tags":593},"https://github.com/mattermost/mattermost/commit/8fbbd688ea2466dd0d70e9c07e9703d78f8a19a5",[582],[589],{"url":595,"sources":596,"tags":597},"https://github.com/mattermost/mattermost/commit/affd35071ea155069979fd359726296de8aa6aaf",[582],[589],{"url":599,"sources":600,"tags":601},"https://github.com/mattermost/mattermost",[582],[602],"PACKAGE",{"url":604,"sources":605,"tags":606},"https://mattermost.com/security-updates",[582],[589],{"url":608,"sources":609,"tags":610},"https://github.com/advisories/GHSA-h564-6gc2-fcc6",[582],[584],[],{"date":613,"score":565,"percentile":614},"2026-06-05",0.38273,[616,620,623,626,629,632,635,638,641,644,647,650,653,656,659,662,665,668,671,674,677,680,682,685,687,690,693,696,699,702,705,708,711,714,716,719,722,725,728,731,734,737,740,743,746,749,752,755,758,760,762,765,768,771,774,777,780,783,785,788,791,794,797,800,802,804,807,809,812,815,818,821,824,827,830,833,836,839,841,844,847,849,851,854,857,860,863,865,868,871],{"date":617,"score":618,"percentile":619},"2025-11-04",0.00237,0.46743,{"date":621,"score":618,"percentile":622},"2025-11-05",0.46731,{"date":624,"score":618,"percentile":625},"2025-11-06",0.46746,{"date":627,"score":618,"percentile":628},"2025-11-07",0.46772,{"date":630,"score":618,"percentile":631},"2025-11-08",0.46771,{"date":633,"score":618,"percentile":634},"2025-11-09",0.46757,{"date":636,"score":618,"percentile":637},"2025-11-10",0.46728,{"date":639,"score":618,"percentile":640},"2025-11-11",0.46747,{"date":642,"score":618,"percentile":643},"2025-11-12",0.46779,{"date":645,"score":618,"percentile":646},"2025-11-13",0.46785,{"date":648,"score":618,"percentile":649},"2025-11-14",0.46798,{"date":651,"score":618,"percentile":652},"2025-11-15",0.46795,{"date":654,"score":618,"percentile":655},"2025-11-16",0.46781,{"date":657,"score":618,"percentile":658},"2025-11-17",0.46761,{"date":660,"score":618,"percentile":661},"2025-11-18",0.43211,{"date":663,"score":618,"percentile":664},"2025-11-19",0.43224,{"date":666,"score":618,"percentile":667},"2025-11-20",0.43234,{"date":669,"score":618,"percentile":670},"2025-11-21",0.46752,{"date":672,"score":618,"percentile":673},"2025-11-22",0.4675,{"date":675,"score":618,"percentile":676},"2025-11-23",0.46724,{"date":678,"score":618,"percentile":679},"2025-11-24",0.46714,{"date":681,"score":618,"percentile":676},"2025-11-25",{"date":683,"score":618,"percentile":684},"2025-11-26",0.46726,{"date":686,"score":618,"percentile":622},"2025-11-27",{"date":688,"score":618,"percentile":689},"2025-11-28",0.467,{"date":691,"score":618,"percentile":692},"2025-11-29",0.46681,{"date":694,"score":618,"percentile":695},"2025-11-30",0.46669,{"date":697,"score":618,"percentile":698},"2025-12-01",0.46815,{"date":700,"score":618,"percentile":701},"2025-12-02",0.46828,{"date":703,"score":618,"percentile":704},"2025-12-03",0.46822,{"date":706,"score":618,"percentile":707},"2025-12-04",0.46664,{"date":709,"score":618,"percentile":710},"2025-12-05",0.46687,{"date":712,"score":618,"percentile":713},"2025-12-06",0.46684,{"date":715,"score":618,"percentile":695},"2025-12-07",{"date":717,"score":618,"percentile":718},"2025-12-08",0.46674,{"date":720,"score":618,"percentile":721},"2025-12-09",0.46711,{"date":723,"score":618,"percentile":724},"2025-12-10",0.46774,{"date":726,"score":618,"percentile":727},"2025-12-11",0.46797,{"date":729,"score":618,"percentile":730},"2025-12-12",0.46826,{"date":732,"score":618,"percentile":733},"2025-12-13",0.46808,{"date":735,"score":618,"percentile":736},"2025-12-14",0.46789,{"date":738,"score":618,"percentile":739},"2025-12-15",0.46768,{"date":741,"score":618,"percentile":742},"2025-12-16",0.46782,{"date":744,"score":618,"percentile":745},"2025-12-17",0.46805,{"date":747,"score":618,"percentile":748},"2025-12-18",0.46848,{"date":750,"score":618,"percentile":751},"2025-12-19",0.46856,{"date":753,"score":618,"percentile":754},"2025-12-20",0.4683,{"date":756,"score":618,"percentile":757},"2025-12-21",0.46801,{"date":759,"score":618,"percentile":724},"2025-12-22",{"date":761,"score":618,"percentile":628},"2025-12-23",{"date":763,"score":618,"percentile":764},"2025-12-24",0.46783,{"date":766,"score":618,"percentile":767},"2025-12-25",0.46829,{"date":769,"score":618,"percentile":770},"2025-12-26",0.46818,{"date":772,"score":618,"percentile":773},"2025-12-27",0.46844,{"date":775,"score":618,"percentile":776},"2025-12-28",0.46755,{"date":778,"score":618,"percentile":779},"2025-12-29",0.46734,{"date":781,"score":618,"percentile":782},"2025-12-30",0.4673,{"date":784,"score":618,"percentile":724},"2025-12-31",{"date":786,"score":618,"percentile":787},"2026-01-01",0.46931,{"date":789,"score":618,"percentile":790},"2026-01-02",0.46908,{"date":792,"score":618,"percentile":793},"2026-01-03",0.46894,{"date":795,"score":618,"percentile":796},"2026-01-04",0.46718,{"date":798,"score":618,"percentile":799},"2026-01-05",0.46698,{"date":801,"score":618,"percentile":689},"2026-01-06",{"date":803,"score":618,"percentile":796},"2026-01-07",{"date":805,"score":618,"percentile":806},"2026-01-08",0.46739,{"date":808,"score":618,"percentile":721},"2026-01-09",{"date":810,"score":618,"percentile":811},"2026-01-10",0.46705,{"date":813,"score":618,"percentile":814},"2026-01-11",0.46683,{"date":816,"score":618,"percentile":817},"2026-01-12",0.46638,{"date":819,"score":618,"percentile":820},"2026-01-13",0.46607,{"date":822,"score":618,"percentile":823},"2026-01-14",0.46656,{"date":825,"score":618,"percentile":826},"2026-01-15",0.46649,{"date":828,"score":618,"percentile":829},"2026-01-16",0.46673,{"date":831,"score":618,"percentile":832},"2026-01-17",0.4665,{"date":834,"score":618,"percentile":835},"2026-01-18",0.46626,{"date":837,"score":618,"percentile":838},"2026-01-19",0.46596,{"date":840,"score":618,"percentile":838},"2026-01-20",{"date":842,"score":618,"percentile":843},"2026-01-21",0.46598,{"date":845,"score":618,"percentile":846},"2026-01-22",0.466,{"date":848,"score":618,"percentile":826},"2026-01-23",{"date":850,"score":618,"percentile":823},"2026-01-24",{"date":852,"score":618,"percentile":853},"2026-01-25",0.46602,{"date":855,"score":618,"percentile":856},"2026-01-26",0.46571,{"date":858,"score":618,"percentile":859},"2026-01-27",0.46576,{"date":861,"score":618,"percentile":862},"2026-01-28",0.46581,{"date":864,"score":618,"percentile":856},"2026-01-29",{"date":866,"score":618,"percentile":867},"2026-01-30",0.46582,{"date":869,"score":618,"percentile":870},"2026-01-31",0.4659,{"date":872,"score":618,"percentile":676},"2026-02-01",[874,884],{"source":569,"cvss_v2_0":875,"cvss_v3_0":9,"cvss_v3_1":880,"cvss_v4_0":9},{"baseScore":876,"baseSeverity":9,"vectorString":877,"impactScore":878,"exploitabilityScore":879},4,"AV:N/AC:L/Au:S/C:N/I:N/A:P",2.9,8,{"baseScore":567,"baseSeverity":881,"vectorString":570,"impactScore":882,"exploitabilityScore":883},"MEDIUM",2.3,7.2,{"source":582,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":885,"cvss_v4_0":9},{"baseScore":567,"baseSeverity":9,"vectorString":570,"impactScore":882,"exploitabilityScore":883},[887,913],{"ecosystem":888,"name":889,"vendor":890,"product":891,"cpe_part":9,"purl_type":892,"purl_namespace":890,"purl_name":891,"source":9,"versions":893},"Go","github.com/mattermost/mattermost-server","github.com/mattermost","mattermost-server","golang",[894,900,905,909],{"version":895,"is_range":896,"range_type":897,"version_start":9,"version_start_type":9,"version_end":898,"version_end_type":899,"fixed_in":9},"lt4_1_2_0_20171004201910_6be8113eb60c",true,"semver","4.1.2-0.20171004201910-6be8113eb60c","excluding",{"version":901,"is_range":896,"range_type":897,"version_start":902,"version_start_type":903,"version_end":904,"version_end_type":899,"fixed_in":9},"gte4_2_0_rc1_lt4_2_1_0_20171004192657_8fbbd688ea24","4.2.0-rc1","including","4.2.1-0.20171004192657-8fbbd688ea24",{"version":906,"is_range":896,"range_type":897,"version_start":907,"version_start_type":903,"version_end":908,"version_end_type":899,"fixed_in":9},"gte4_3_0_rc1_lt4_3_0","4.3.0-rc1","4.3.0",{"version":910,"is_range":896,"range_type":897,"version_start":911,"version_start_type":903,"version_end":912,"version_end_type":899,"fixed_in":9},"gte4_3_0_rc1+incompatible_lt4_3_0+incompatible","4.3.0-rc1+incompatible","4.3.0+incompatible",{"ecosystem":9,"name":914,"vendor":915,"product":916,"cpe_part":917,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":918},"mattermost server","mattermost","mattermost_server","a",[919,923,927,929,931,933],{"version":920,"is_range":896,"range_type":921,"version_start":9,"version_start_type":9,"version_end":922,"version_end_type":899,"fixed_in":9},"lt4.1.2","cpe","4.1.2",{"version":924,"is_range":896,"range_type":921,"version_start":925,"version_start_type":903,"version_end":926,"version_end_type":899,"fixed_in":9},"gte4.2.0_lt4.2.1","4.2.0","4.2.1",{"version":928,"is_range":563,"range_type":921,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.0:rc1",{"version":930,"is_range":563,"range_type":921,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.0:rc2",{"version":932,"is_range":563,"range_type":921,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.0:rc3",{"version":934,"is_range":563,"range_type":921,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.0:rc4"]