6 matches found
SUSE CVE-2026-35392
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35471
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile missing return after path traversal check. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35471 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile missing return after path traversal check. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35393
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.0.0-beta.3...
goshs 路径遍历漏洞
Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs prior to 2.0.0-beta.3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of cleaning up POST multipart upload directories, which could lead to path traversal attacks...
CVE-2018-1000136
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node...