VYPR

Go Billy

by Go Git

Source repositories

CVEs (2)

  • CVE-2026-44973HigMay 28, 2026
    risk 0.46cvss 8.1epss 0.00

    Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths (e.g., using ..) to escape intended base…

  • CVE-2026-44740MedJun 1, 2026
    risk 0.35cvss 6.5epss 0.00

    Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues…