4 matches found
GHSA-5G39-PPWG-6XX8 Go-huge-util vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.0.34, Please upgrade version to v0.0.34 or above. Workarounds No, users have to upgrade...
Go-huge-util vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.0.34, Please upgrade version to v0.0.34 or above. Workarounds No, users have to upgrade...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
go-huge-util θ·―εΎιεζΌζ΄
go-huge-util is a utility function commonly used in Go. A path traversal vulnerability exists in go-huge-util versions prior to 0.0.34. This vulnerability can be exploited to access files and directories stored outside of the web root folder...