Skip to content

x/vulndb: potential Go vuln in github.com/casdoor/casdoor: CVE-2022-38638, GHSA-9vm3-r8gq-cr6x #1006

New issue
New issue
Closed
Closed
x/vulndb: potential Go vuln in github.com/casdoor/casdoor: CVE-2022-38638, GHSA-9vm3-r8gq-cr6x#1006
Assignees
neild
Labels
excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.
@tatianab

Description

@tatianab
tatianab
opened on Sep 19, 2022

In GitHub Security Advisory GHSA-9vm3-r8gq-cr6x, there is a vulnerability in the following Go packages or modules:

Unit Fixed Vulnerable Ranges
github.com/casdoor/casdoor 1.103.1 < 1.103.1

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: TODO
    versions:
      - fixed: 1.103.1
    packages:
      - package: github.com/casdoor/casdoor
description: Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability
    via the fullFilePath parameter at /api/upload-resource.
cves:
  - CVE-2022-38638
ghsas:
  - GHSA-9vm3-r8gq-cr6x

Metadata

Metadata

Assignees

Labels

excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions