Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-FX95-883V-4Q4H
HistoryMar 18, 2022 - 12:01 a.m.

Path traversal in github.com/valyala/fasthttp

2022-03-1800:01:11
Google
osv.dev
69

0.002 Low

EPSS

Percentile

61.6%

JSON

The package github.com/valyala/fasthttp before 1.34.0 is vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. Note: This security issue impacts Windows users only.

CPENameOperatorVersion
github.com/valyala/fasthttplt1.34.0

Related

cve 1
ubuntucve 1
github 1
osv 2
veracode 1
cvelist 1
nvd 1
prion 1
ibm 2
cve
cve
CVE-2022-21221
2022-03-17 12:15:08
ubuntucve
ubuntucve
CVE-2022-21221
2022-03-17 00:00:00
github
github
Path traversal in github.com/valyala/fasthttp
2022-03-18 00:01:11
osv
osv
CVE-2022-21221
2022-03-17 12:15:08
Path traversal in github.com/valyala/fasthttp
2022-07-27 20:26:59
veracode
veracode
Directory Traversal
2022-03-18 11:02:42
cvelist
cvelist
CVE-2022-21221 Directory Traversal
2022-03-17 00:00:00
nvd
nvd
CVE-2022-21221
2022-03-17 12:15:08
prion
prion
Directory traversal
2022-03-17 12:15:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-04-24 19:15:42
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2024-01-31 19:31:55

0.002 Low

EPSS

Percentile

61.6%

JSON
Related for OSV:GHSA-FX95-883V-4Q4H
cve1ubuntucve1github1osv2veracode1cvelist1nvd1prion1ibm2