{"id":"CVE-2025-20051","details":"Mattermost versions 10.4.x \u003c= 10.4.1, 9.11.x \u003c= 9.11.7, 10.3.x \u003c= 10.3.2, 10.2.x \u003c= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards.","aliases":["GHSA-v469-7wp6-7cvp","GO-2025-3483"],"modified":"2026-03-09T23:57:33.114128Z","published":"2025-02-24T08:15:10.087Z","related":["CGA-338x-p27c-g5p5","openSUSE-SU-2025:14889-1"],"references":[{"type":"ADVISORY","url":"https://mattermost.com/security-updates"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mattermost/mattermost-server","events":[{"introduced":"0bc2ddd42375a75ab14e63f038165150d4f07659"},{"fixed":"968fc9abd56d51d32880bca2f7cbcdff8c1af68c"},{"introduced":"9a578312304f06bb423d668fa8f1b975dc1fe79a"},{"fixed":"e246296facafd47a71e4b88c7f47647214f2712c"},{"introduced":"14facfa730253bbf4191d3346c2fd6f282c5b446"},{"fixed":"286f59a75888cafe4adf7759df6fb9df71321c2d"},{"introduced":"7c8c0b7464fa9cd2fbfb97c65d1475b4be2e765c"},{"fixed":"dabbe427c192a73527734aec5449a71acbe03535"}],"database_specific":{"versions":[{"introduced":"9.11.0"},{"fixed":"9.11.8"},{"introduced":"10.2.0"},{"fixed":"10.2.3"},{"introduced":"10.3.0"},{"fixed":"10.3.3"},{"introduced":"10.4.0"},{"fixed":"10.4.2"}]}}],"versions":["@mattermost/client@10.3.0","@mattermost/client@10.4.0","@mattermost/client@9.11.0","@mattermost/types@10.3.0","@mattermost/types@10.4.0","@mattermost/types@9.11.0","v10.2.0","v10.2.0-rc3","v10.2.1","v10.2.1-rc1","v10.2.2","v10.2.2-rc1","v10.3.0","v10.3.1","v10.3.1-rc1","v10.3.2","v10.3.2-rc1","v10.3.2-rc2","v10.4.0","v10.4.0-rc3","v10.4.1","v9.11.0","v9.11.0-rc3","v9.11.1","v9.11.1-rc1","v9.11.2","v9.11.2-rc1","v9.11.2-rc2","v9.11.3","v9.11.3-rc1","v9.11.3-rc2","v9.11.4","v9.11.4-rc1","v9.11.5","v9.11.5-rc1","v9.11.6","v9.11.6-rc1","v9.11.6-rc2","v9.11.7","v9.11.7-rc1","v9.11.7-rc2","v9.11.7-rc3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-20051.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}