Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than Expected
Vulnerability Description
ICG.AspNetCore.Utilities.CloudStorage is a collection of cloud storage utilities to assist with the management of files for cloud upload. Users of this library that set a duration for a SAS Uri with a value other than 1 hour may have generated a URL with a duration that is longer, or shorter than desired. Users not implemented SAS Uri's are unaffected. This issue was resolved in version 8.0.0 of the library.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
ICG.AspNetCore.Utilities.CloudStorage 访问控制错误漏洞
Vulnerability Description
aspnetcore.utilities.cloudstorage是IowaComputerGurus开源的一组云存储实用程序,用于协助管理云上传的文件。 ICG.AspNetCore.Utilities.CloudStorage 8.0.0之前版本存在访问控制错误漏洞,该漏洞源于会生成不符合预期时长的URL,导致在文件访问权限控制方面出现问题。
CVSS Information
N/A
Vulnerability Type
N/A