3 matches found
free5GC ไปฃ็ ้ฎ้ขๆผๆด
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the NEF patch handlerโs inability to handle UDR calls properly, leading to null pointer dereferencing and...
FileBrowser Quantum: Path traversal in public share PATCH allows file ops outside shared directory
Summary publicPatchHandler in backend/http/public.go joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversa...
GHSA-QQQM-5547-774X FileBrowser Quantum: Path traversal in public share PATCH allows file ops outside shared directory
Summary publicPatchHandler in backend/http/public.go joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversa...