CVE-2020-36560

🗓️ 27 Dec 2022 22:11:15Reported by [email protected]Type

Improper path sanitization leads to file write outside target director

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Github Security Blog	go-unzip vulnerable to Path Traversal	28 Dec 202200:30	–	github
Veracode	Path Traversal (Zip Slip)	13 Feb 202420:24	–	veracode
Cvelist	CVE-2020-36560 Path traversal in github.com/artdarek/go-unzip	27 Dec 202221:13	–	cvelist
Vulnrichment	CVE-2020-36560 Path traversal in github.com/artdarek/go-unzip	27 Dec 202221:13	–	vulnrichment
OSV	GO-2020-0034 Path traversal in github.com/artdarek/go-unzip	14 Apr 202120:04	–	osv
OSV	GHSA-RMJ9-Q58G-9QGG go-unzip vulnerable to Path Traversal	28 Dec 202200:30	–	osv
OSV	CVE-2020-36560	27 Dec 202222:15	–	osv
Prion	Input validation	27 Dec 202222:15	–	prion
CVE	CVE-2020-36560	27 Dec 202222:15	–	cve

Nvd

Node

go-unzip_project go-unzipRange<1.0.0go

Source	Link
github	www.github.com/artdarek/go-unzip/pull/2
snyk	www.snyk.io/research/zip-slip-vulnerability
github	www.github.com/artdarek/go-unzip/commit/4975cbe0a719dc50b12da8585f1f207c82f7dfe0
pkg	www.pkg.go.dev/vuln/GO-2020-0034

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Dec 2022 22:15Current

CVSS39.1

EPSS0.0017

CWE-22