Due to improper sanitization of user input on Windows, the static file handler allows directory traversal, letting an attacker read files outside the target directory that the server has permission to read. This issue affects versions through 4.1.17.
MEDIUM Vulnerable Package issue exists @ github.com/labstack/echo/v4 in branch master
Description
Vulnerability ID: CVE-2020-36565
Package Name: github.com/labstack/echo/v4
Severity: MEDIUM
CVSS Score: 5.3
Publish Date: 2022-12-07T17:15:00
Current Package Version: v4.1.17
Remediation Upgrade Recommendation: v4.6.2-0.20211217124917-6b5e62b27ea0
Reference – NVD link