Go modules package
github.com/flipped-aurora/gin-vue-admin
pkg:golang/github.com/flipped-aurora/gin-vue-admin
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22786 | — | <= 2.8.7 | — | Jan 12, 2026 | Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin <= v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. In the breakpoint_continue.go file, the MakeFile function | ||
| CVE-2025-66410 | — | < 0.9.1-0.20251201084432-ee8d8d7e04d9 | 0.9.1-0.20251201084432-ee8d8d7e04d9 | Dec 1, 2025 | Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder. | ||
| CVE-2022-47762 | — | < 2.5.5 | 2.5.5 | Feb 3, 2023 | In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability. |
- CVE-2026-22786Jan 12, 2026affected <= 2.8.7
Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin <= v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. In the breakpoint_continue.go file, the MakeFile function
- CVE-2025-66410Dec 1, 2025affected < 0.9.1-0.20251201084432-ee8d8d7e04d9fixed 0.9.1-0.20251201084432-ee8d8d7e04d9
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
- CVE-2022-47762Feb 3, 2023affected < 2.5.5fixed 2.5.5
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.