5 matches found
Directory Traversal
github.com/golang/gddo is vulnerable to directory traversal attacks. The vulnerability exists due to the tags in the packages that are fetched by github.com/golang/gddo, allowing directory traversal attacks...
CVE-2018-12976
In Go Doc Dot Org gddo through 2018-06-27, an attacker could use specially crafted tags in packages being fetched by gddo to cause a directory traversal and remote code execution...
Directory traversal
In Go Doc Dot Org gddo through 2018-06-27, an attacker could use specially crafted tags in packages being fetched by gddo to cause a directory traversal and remote code execution...
CVE-2018-12976
The CVE-2018-12976 vulnerability affects Go Doc Dot Org (gddo). An attacker could exploit specially crafted tags in packages fetched by gddo to trigger a directory traversal and remote code execution. This is due to the handling of go-import metadata in gddo’s fetch process. Impact is remote cod...
Infinite Redirection Loop
github.com/golang/gddo is vulnerable to infinite redirection loop. The weakness exist as TLS is removed before reaching gddo-server, causing an infinite loop that redirects to https...