Lucene search
HistoryDec 27, 2022 - 10:15 p.m.
CVE-2019-25073
path sanitization
github
remote attackers
file access
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.004
Percentile
74.8%
Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory.
Affected configurations
Node
goa.designgoaRange<1.4.3go
ORgoa.designgoaRange2.0.0–2.0.10go
ORgoa.designgoaRange3.0.0–3.0.9go
| Vendor | Product | Version | CPE |
|---|---|---|---|
| goa.design | goa | * | cpe:2.3:a:goa.design:goa:*:*:*:*:*:go:*:* |
Related
veracode
veracode
Path Traversal
2022-12-29 08:43:15
osv
osv
Path traversal in github.com/goadesign/goa
2021-04-14 20:04:52
Goa vulnerable to path traversal
2022-12-28 00:30:23
CVE-2019-25073
2022-12-27 22:15:11
gitlab
gitlab
cve
cve
CVE-2019-25073
2022-12-27 22:15:11
github
github
Goa vulnerable to path traversal
2022-12-28 00:30:23
prion
prion
Input validation
2022-12-27 22:15:00
cvelist
cvelist
CVE-2019-25073 Path traversal in github.com/goadesign/goa
2022-12-27 21:13:17
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.004
Percentile
74.8%
Related for NVD:CVE-2019-25073