Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal
Vulnerability Description
The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows users only.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
fasthttp 路径遍历漏洞
Vulnerability Description
fasthttp是Go 的快速 HTTP 实现。 fasthttp 1.34.0之前版本存在安全漏洞,该漏洞源于ServerFile函数缺少有效的过滤转义,导致目录遍历。攻击者可以发送“/%5c”字符利用该漏洞实现目录遍历。
CVSS Information
N/A
Vulnerability Type
N/A