VYPR

go-fastdfs-web

by perfree

CVEs (3)

  • CVE-2026-11437HigJun 6, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. The…

  • CVE-2026-6105HigApr 11, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The…

  • CVE-2026-3963LowMar 11, 2026
    risk 0.24cvss 3.7epss 0.00

    A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded…