Go modules package
github.com/gtsteffaniak/filebrowser/backend
pkg:golang/github.com/gtsteffaniak/filebrowser/backend
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-30933 | — | < 0.0.0-20260307130210-09713b32a5f6 | 0.0.0-20260307130210-09713b32a5f6 | Mar 10, 2026 | FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1. | ||
| CVE-2026-27611 | — | < 0.0.0-20260221163904-dbcfba993b85 | 0.0.0-20260221163904-dbcfba993b85 | Feb 25, 2026 | FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direc |
- CVE-2026-30933Mar 10, 2026affected < 0.0.0-20260307130210-09713b32a5f6fixed 0.0.0-20260307130210-09713b32a5f6
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.
- CVE-2026-27611Feb 25, 2026affected < 0.0.0-20260221163904-dbcfba993b85fixed 0.0.0-20260221163904-dbcfba993b85
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direc