BestHub
search
Sign in
Tag

Path Traversal

1 views collected around this technical thread.

Java Architecture Diary
Java Architecture Diary
Sep 14, 2024 · Backend Development

Preventing Path Traversal in Spring MVC/Fn: Vulnerability Details and Fixes

This article explains how static resource handling via WebMvc.fn or WebFlux.fn can be exploited for path traversal, lists the affected Spring Framework and Spring Boot versions, and provides mitigation steps such as upgrading, enabling Spring Security HttpFirewall, or switching to Tomcat/Jetty.

JavaPath TraversalSpring Framework
0 likes · 5 min read
Preventing Path Traversal in Spring MVC/Fn: Vulnerability Details and Fixes
Laravel Tech Community
Laravel Tech Community
Sep 20, 2022 · Information Security

Path Traversal Vulnerability in Go net/url (CVE-2022-32190)

The Go net/url package contains a path traversal flaw (CVE-2022-32190) where JoinPath fails to strip "../" segments, allowing attackers to access sensitive files, affecting versions prior to 1.18.6 and 1.19.1, and can be mitigated by upgrading to the patched releases.

CVE-2022-32190GoInformation Security
0 likes · 3 min read
Path Traversal Vulnerability in Go net/url (CVE-2022-32190)