Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39345

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.

Published

2022-10-25T17:15:56.407

Last Modified

2024-11-21T07:18:04.983

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-22
    CWE-23
  • Type: Primary
    CWE-22
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application gin-vue-admin_project gin-vue-admin < 2.5.4 Yes
References