CVE-2019-25073

Path traversal in github.com/goadesign/goa

CVSS 7.5 HIGHEPSS 1.4%

Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

github.com/goadesign/goa · github.com/goadesign/goa goa.design/goa · goa.design/goa goa.design/goa/v3 · goa.design/goa/v3

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/goadesign/goa/commit/70b5a199d0f813d74423993832c424e1fc73fb39 https://github.com/goadesign/goa/pull/2388 https://pkg.go.dev/vuln/GO-2020-0032