Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit fa7c3550e4f9 · 2026-02-10T14:17:31.000Z
GHSA-34cx-hvm4-vx7j GHSA-fpcr-4rr5-hpcp GHSA-r6j5-fqx9-7qv9
diff --git a/advisories/github-reviewed/2022/05/GHSA-34cx-hvm4-vx7j/GHSA-34cx-hvm4-vx7j.json b/advisories/github-reviewed/2022/05/GHSA-34cx-hvm4-vx7j/GHSA-34cx-hvm4-vx7j.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-34cx-hvm4-vx7j",
-  "modified": "2026-02-06T22:48:56Z",
+  "modified": "2026-02-10T14:17:04Z",
   "published": "2022-05-24T17:21:06Z",
   "aliases": [
     "CVE-2017-18908"
@@ -10,7 +10,7 @@
   "details": "An issue was discovered in Mattermost Server before 4.0.0, 3.10.1, and 3.9.1. A password reset request was sometimes sent to an attacker-provided e-mail address.",
   "severity": [
     {
-      "type": "CVSS_V4",
+      "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
     }
   ],
diff --git a/advisories/github-reviewed/2022/05/GHSA-fpcr-4rr5-hpcp/GHSA-fpcr-4rr5-hpcp.json b/advisories/github-reviewed/2022/05/GHSA-fpcr-4rr5-hpcp/GHSA-fpcr-4rr5-hpcp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fpcr-4rr5-hpcp",
-  "modified": "2026-02-06T22:42:23Z",
+  "modified": "2026-02-10T14:16:10Z",
   "published": "2022-05-24T17:21:06Z",
   "aliases": [
     "CVE-2017-18906"
@@ -10,7 +10,7 @@
   "details": "An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.",
   "severity": [
     {
-      "type": "CVSS_V4",
+      "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
     }
   ],
diff --git a/advisories/github-reviewed/2022/05/GHSA-r6j5-fqx9-7qv9/GHSA-r6j5-fqx9-7qv9.json b/advisories/github-reviewed/2022/05/GHSA-r6j5-fqx9-7qv9/GHSA-r6j5-fqx9-7qv9.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r6j5-fqx9-7qv9",
-  "modified": "2026-02-06T22:50:29Z",
+  "modified": "2026-02-10T14:16:28Z",
   "published": "2022-05-24T17:21:06Z",
   "aliases": [
     "CVE-2017-18909"
@@ -10,7 +10,7 @@
   "details": "An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.",
   "severity": [
     {
-      "type": "CVSS_V4",
+      "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
     }
   ],

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-34cx-hvm4-vx7j",`
`4`		`- "modified": "2026-02-06T22:48:56Z",`
	`4`	`+ "modified": "2026-02-10T14:17:04Z",`
`5`	`5`	`"published": "2022-05-24T17:21:06Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2017-18908"`
`@@ -10,7 +10,7 @@`
`10`	`10`	`"details": "An issue was discovered in Mattermost Server before 4.0.0, 3.10.1, and 3.9.1. A password reset request was sometimes sent to an attacker-provided e-mail address.",`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`		`- "type": "CVSS_V4",`
	`13`	`+ "type": "CVSS_V3",`
`14`	`14`	`"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"`
`15`	`15`	`}`
`16`	`16`	`],`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-fpcr-4rr5-hpcp",`
`4`		`- "modified": "2026-02-06T22:42:23Z",`
	`4`	`+ "modified": "2026-02-10T14:16:10Z",`
`5`	`5`	`"published": "2022-05-24T17:21:06Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2017-18906"`
`@@ -10,7 +10,7 @@`
`10`	`10`	`"details": "An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.",`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`		`- "type": "CVSS_V4",`
	`13`	`+ "type": "CVSS_V3",`
`14`	`14`	`"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"`
`15`	`15`	`}`
`16`	`16`	`],`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-r6j5-fqx9-7qv9",`
`4`		`- "modified": "2026-02-06T22:50:29Z",`
	`4`	`+ "modified": "2026-02-10T14:16:28Z",`
`5`	`5`	`"published": "2022-05-24T17:21:06Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2017-18909"`
`@@ -10,7 +10,7 @@`
`10`	`10`	`"details": "An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.",`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`		`- "type": "CVSS_V4",`
	`13`	`+ "type": "CVSS_V3",`
`14`	`14`	`"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"`
`15`	`15`	`}`
`16`	`16`	`],`