VYPR
High severityNVD Advisory· Published Dec 20, 2018· Updated Aug 5, 2024

CVE-2018-20303

CVE-2018-20303

Description

In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
gogs.io/gogsGo
< 0.11.80-0.20181218063808-ff93d9dbda5c0.11.80-0.20181218063808-ff93d9dbda5c

Affected products

1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.