Vulnerability Report: GO-2023-1611
- CVE-2023-27475, GHSA-fx2v-qfhr-4chv
- Affects: github.com/gookit/goutil
- Published: Mar 08, 2023
- Modified: Jun 12, 2023
fsutil.Unzip is vulnerable to path traversal attacks due to improper validation of paths.
For detailed information about this vulnerability, visit https://github.com/gookit/goutil/security/advisories/GHSA-fx2v-qfhr-4chv.
Affected Packages
-
PathVersionsSymbols
-
before v0.6.7
Aliases
References
- https://github.com/gookit/goutil/security/advisories/GHSA-fx2v-qfhr-4chv
- https://github.com/gookit/goutil/commit/d7b94fede71f018f129f7d21feb58c895d28dadc
- https://vuln.go.dev/ID/GO-2023-1611.json
Credits
- @cokeBeer
Feedback
See anything missing or incorrect?
Suggest an edit to this report.