12 matches found
EUVD-2023-1005
Malicious code in bioql PyPI...
CVE-2023-27475
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
GHSA-FX2V-QFHR-4CHV Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
CVE-2023-27475
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
Path traversal
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
CVE-2023-27475 Goutil vulnerable to path traversal when unzipping files
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
CVE-2023-27475
This CVE concerns github.com/gookit/goutil, specifically the Unzip logic in fsutil.Unzip that can be exploited for path traversal (Zip Slip). The issue affects versions prior to 0.6.0 and is fixed by upgrading to 0.6.0 or later. The vulnerability arises from insufficient validation of relative fi...
CVE-2023-27475 Goutil vulnerable to path traversal when unzipping files
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
CVE-2023-27475 Goutil vulnerable to path traversal when unzipping files
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version...
PT-2023-21152 · Goutil · Goutil
Name of the Vulnerable Software and Affected Versions: Goutil versions prior to 0.6.0 Description: The issue is related to a ZipSlip vulnerability, which occurs when users use fsutil.Unzip to unzip zip files from a malicious attacker, potentially leading to path traversal attacks due to improper...
Goutil 路径遍历漏洞
Goutil is a library of some tool functions commonly used by Go. A path traversal vulnerability exists in versions of Goutil prior to 0.6.0, which stems from an improper restriction of pathnames to restricted directories in the software...