CVE-2022-31022
This CVE affects Bleve’s http package (bleve/http) used by its sample app. The CreateIndexHandler and DeleteIndexHandler allowed a user with server write access to create a new index directory and recursively delete directories owned by the same user, potentially exposing local filesystem risk. V...