This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/kataras/iris/v12 | lt | 12.2.0-alpha8 | |
github.com/kataras/iris | le | 0.0.2 |