CVE-2018-25059

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions pastebinit versions up to 0.2.2

Description A vulnerability was found in pastebinit, classified as problematic. The issue affects the function pasteHandler of the file server.go. The manipulation of the argument r.URL.Path leads to path traversal. Upgrading to version 0.2.3 can address this issue.

Recommendations For pastebinit versions up to 0.2.2, upgrade to version 0.2.3 to address the issue. As a temporary workaround, consider restricting access to the pasteHandler function in the server.go file until the upgrade is applied.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2018-25059

GHSA-CWH7-28VG-JMPR

GO-2022-1212

Affected Products

Pastebinit

CVE-2018-25059

Weakness Enumeration

Related Identifiers

Affected Products

References · 14