VYPR
Critical severityNVD Advisory· Published Apr 2, 2023· Updated Nov 22, 2024

sjqzhang go-fastdfs File Upload uploa upload path traversal

CVE-2023-1800

Description

A vulnerability, which was classified as critical, has been found in sjqzhang go-fastdfs up to 1.4.3. Affected by this issue is the function upload of the file /group1/uploa of the component File Upload Handler. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224768.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/sjqzhang/go-fastdfsGo
< 1.4.5-0.20230408141131-61cbff5124c61.4.5-0.20230408141131-61cbff5124c6

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.