Vulnerability Report: GO-2023-1998
- CVE-2023-37896, GHSA-2xx4-jj5v-6mff
- Affects: github.com/projectdiscovery/nuclei/v2
- Published: Aug 23, 2023
- Modified: May 20, 2024
Improper path sanitization in sandbox mode in github.com/projectdiscovery/nuclei/v2
For detailed information about this vulnerability, visit https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff.
Affected Packages
-
PathGo VersionsSymbols
-
before v2.9.9
3 unexported affected symbols
- init#1
- main
- readConfig
-
before v2.9.9
-
before v2.9.9
-
before v2.9.9
-
before v2.9.9
-
before v2.9.9
-
before v2.9.9
-
before v2.9.9
Aliases
References
- https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff
- https://github.com/projectdiscovery/nuclei/pull/3927
- https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9
- https://vuln.go.dev/ID/GO-2023-1998.json
Credits
- keomutchoiboi
Feedback
See anything missing or incorrect?
Suggest an edit to this report.