Lucene search

CVE-2020-36559

🗓️ 27 Dec 2022 22:11:15Reported by GoType

Improper input sanitization in HTTPEngine.Handle allows directory traversal

Reporter	Title	Published	Views	Family All 9
Prion	Directory traversal	27 Dec 202222:15	–	prion
Veracode	Directory Traversal	30 Dec 202210:02	–	veracode
OSV	CVE-2020-36559	27 Dec 202222:15	–	osv
OSV	Path Traversal in aahframe.work	14 Apr 202120:04	–	osv
OSV	ahh vulnerable to Path Traversal	28 Dec 202200:30	–	osv
Cvelist	CVE-2020-36559 Path Traversal in aahframe.work	27 Dec 202221:13	–	cvelist
NVD	CVE-2020-36559	27 Dec 202222:15	–	nvd
GitLab Advisory Database	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	28 Dec 202200:00	–	gitlab
Github Security Blog	ahh vulnerable to Path Traversal	28 Dec 202200:30	–	github

Nvd

Node

aahframework aahRange<0.12.4go

[
  {
    "vendor": "aahframe.work",
    "product": "aahframe.work",
    "collectionURL": "https://pkg.go.dev",
    "packageName": "aahframe.work",
    "versions": [
      {
        "version": "0",
        "lessThan": "0.12.4",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "programRoutines": [
      {
        "name": "HTTPEngine.Handle"
      },
      {
        "name": "Application.Run"
      },
      {
        "name": "Application.ServeHTTP"
      },
      {
        "name": "Application.Start"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
github	www.github.com/go-aah/aah/pull/267
github	www.github.com/go-aah/aah/commit/881dc9f71d1f7a4e8a9a39df9c5c081d3a2da1ec
github	www.github.com/go-aah/aah/issues/266
pkg	www.pkg.go.dev/vuln/GO-2020-0033

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Dec 2022 22:15Current

7.3High risk

Vulners AI Score7.3

CVSS37.5

EPSS0.00099

CWE-22