CVE-2018-25059

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-25059

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-25059.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-25059

Aliases

Published

2022-12-30T11:15:10Z

Modified

2025-01-08T10:19:47.593651Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was found in pastebinit up to 0.2.2 and classified as problematic. Affected by this issue is the function pasteHandler of the file server.go. The manipulation of the argument r.URL.Path leads to path traversal. Upgrading to version 0.2.3 is able to address this issue. The name of the patch is 1af2facb6d95976c532b7f8f82747d454a092272. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217040.

References

Affected packages

Git / github.com/jessfraz/pastebinit

Affected ranges

Type: GIT
Repo: https://github.com/jessfraz/pastebinit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1af2facb6d95976c532b7f8f82747d454a092272

Fixed

1af2facb6d95976c532b7f8f82747d454a092272

Affected versions

v0.*

v0.1.0

v0.2.0

v0.2.1

v0.2.2