CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Iris-Go: >> Iris >> 12.1.8 Security Vulnerabilities

CVE-2021-23772

This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.

CVSS Score

7.5

EPSS Score

0.007

Published

2021-12-24

Page 1

Vulnerabilities

Vulnerable Software

Iris-Go: >> Iris >> 12.1.8 Security Vulnerabilities

Products

Pricing

Contact Us