Lucene search
PRIOn knowledge basePRION:CVE-2023-28105HistoryMar 16, 2023 - 5:15 p.m.
Path traversal
2023-03-1617:15:00
PRIOn knowledge base
www.prio-n.com
1
go
zipslip issue
fsutil package
unzip
malicious attacker
vulnerable
path traversal
nvd
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version 0.0.34. There are no known workarounds.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go-huge-util | lt | 0.0.34 |
Related
osv
osv
Go-huge-util vulnerable to path traversal when unzipping files
2023-03-16 18:32:38
Path traversal when unzipping files in github.com/dablelv/go-huge-util
2023-08-23 14:38:02
CVE-2023-28105
2023-03-16 17:15:09
github
github
Go-huge-util vulnerable to path traversal when unzipping files
2023-03-16 18:32:38
cve
cve
CVE-2023-28105
2023-03-16 17:15:09
nvd
nvd
CVE-2023-28105
2023-03-16 17:15:09
veracode
veracode
Path Traversal
2023-03-18 10:27:59
cvelist
cvelist