7:["$","div",null,{"className":"pt-16","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"TechArticle\",\"headline\":\"CVE-2025-4981 — Dependency Blast Radius Analysis\",\"description\":\"Interactive analysis of open-source packages affected by CVE-2025-4981\",\"dateModified\":\"2025-07-08T17:59:42.473Z\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"EchelonGraph\",\"url\":\"https://echelongraph.io\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https://echelongraph.io/logo.png\"}},\"mainEntityOfPage\":\"https://echelongraph.io/pulse/CVE-2025-4981/blast-radius\",\"image\":\"https://echelongraph.io/og-image.png\",\"keywords\":\"CVE, blast radius, dependency, vulnerability, open source\"}"}}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://echelongraph.io\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE Pulse\",\"item\":\"https://echelongraph.io/pulse\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CVE-2025-4981\",\"item\":\"https://echelongraph.io/pulse/CVE-2025-4981\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Blast Radius\",\"item\":\"https://echelongraph.io/pulse/CVE-2025-4981/blast-radius\"}]}"}}],["$","section",null,{"className":"max-w-7xl mx-auto px-6 py-20","aria-labelledby":"blast-heading","children":[["$","nav",null,{"className":"flex items-center gap-2 text-xs mb-6","style":{"color":"var(--text-dim)"},"children":[["$","$Le",null,{"href":"/","className":"hover:underline","style":{"color":"var(--text-muted)"},"children":"Home"}],["$","span",null,{"children":"›"}],["$","$Le",null,{"href":"/pulse","className":"hover:underline","style":{"color":"var(--text-muted)"},"children":"CVE Pulse"}],["$","span",null,{"children":"›"}],["$","$Le",null,{"href":"/pulse/CVE-2025-4981","className":"hover:underline","style":{"color":"var(--text-muted)"},"children":"CVE-2025-4981"}],["$","span",null,{"children":"›"}],["$","span",null,{"style":{"color":"var(--text-secondary)"},"children":"Blast Radius"}]]}],false,["$","div",null,{"className":"mb-8","children":[["$","h1",null,{"id":"blast-heading","className":"text-3xl md:text-4xl font-black mb-2","style":{"color":"var(--text-primary)","textDecoration":"$undefined","textDecorationColor":"$undefined","opacity":1},"children":["CVE-2025-4981"," ",["$","span",null,{"className":"gradient-text","children":"Blast Radius"}]]}],["$","p",null,{"className":"text-sm","style":{"color":"var(--text-muted)"},"children":[["$","span",null,{"className":"inline-flex items-center px-2 py-0.5 rounded-full text-[10px] font-bold mr-2 border","style":{"background":"rgba(239,68,68,0.15)","color":"#ef4444","borderColor":"rgba(239,68,68,0.3)"},"children":"CRITICAL • CVSS 9.9"}],"Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archiv","…"]}]]}],["$","$L15",null,{"cveId":"CVE-2025-4981","description":"Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequences in filenames, potentially leading to remote code execution. The vulnerability impacts instances where file uploads and document search by content is enabled (FileSettings.EnableFileAttachments = true and FileSettings.ExtractContent = true). These configuration settings are enabled by default."}],["$","div",null,{"className":"glass-card p-8 text-center mt-8 glow-blue","children":[["$","h2",null,{"className":"text-lg font-bold mb-2","style":{"color":"var(--text-primary)"},"children":"Is Your Infrastructure Using These Packages?"}],["$","p",null,{"className":"text-sm mb-5","style":{"color":"var(--text-secondary)"},"children":["EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like ","CVE-2025-4981","."]}],["$","div",null,{"className":"flex items-center justify-center gap-3 flex-wrap","children":[["$","$Le",null,{"href":"/signup","className":"cta-primary","children":"Start Free Scan →"}],["$","$Le",null,{"href":"/pulse/CVE-2025-4981","className":"cta-secondary","children":["← Back to ","CVE-2025-4981"]}]]}]]}]]}]]}]

CVE-2025-4981 Blast Radius

Is Your Infrastructure Using These Packages?