5 matches found
DEBIAN-CVE-2022-41720
On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...
CVE-2022-41720
On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...
CVE-2022-41720
CVE-2022-41720 : On Windows, os.DirFS and http.Dir can access Windows device files (e.g., os.DirFS("C:/tmp").Open("COM1")); read-only, but a crafted path may escape a drive and reach arbitrary paths. The fix changes behavior of os.DirFS("") so that Open("tmp") no longer resolves to the root (prev...
GO-2022-1143 Restricted file access on Windows in os and net/http
On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...
Directory Traversal
Overview std/os is a Go standard library package std/os Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report: On Windows, restricted files can be accessed via os.DirFS and http.Dir.The os.DirFS function and http.Dir type provide access to a tree of file...