You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.
See doc/triage.md for instructions on how to triage this report.
modules:
- module: github.com/flipped-aurora/gin-vue-admin
packages:
- package: gin-vue-admin
description: |
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.
cves:
- CVE-2022-39345
references:
- web: https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-7gc4-r5jr-9hxv
- web: https://github.com/flipped-aurora/gin-vue-admin/issues/1263
- fix: https://github.com/flipped-aurora/gin-vue-admin/pull/1264
- web: https://github.com/flipped-aurora/gin-vue-admin/blob/main/server/service/system/sys_auto_code.go
The text was updated successfully, but these errors were encountered:
CVE-2022-39345 references github.com/flipped-aurora/gin-vue-admin, which may be a Go module.
Description:
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.
References:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: