VYPR

Go modules package

github.com/gtsteffaniak/filebrowser/backend

pkg:golang/github.com/gtsteffaniak/filebrowser/backend

Vulnerabilities (2)

  • CVE-2026-30933Mar 10, 2026
    affected < 0.0.0-20260307130210-09713b32a5f6fixed 0.0.0-20260307130210-09713b32a5f6

    FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.

  • CVE-2026-27611Feb 25, 2026
    affected < 0.0.0-20260221163904-dbcfba993b85fixed 0.0.0-20260221163904-dbcfba993b85

    FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direc