Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Goutil Project Subscribe
Filtered by product Goutil
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-27475 1 Goutil Project 1 Goutil 2023-03-15 N/A 8.8 HIGH
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version 0.6.0, users are advised to upgrade. There are no known workarounds for this issue.