CVE-2022-47762: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

February 3, 2023 (updated February 10, 2023)

In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.

References

github.com/advisories/GHSA-x623-hr8h-7g5v
github.com/flipped-aurora/gin-vue-admin/issues/1309
nvd.nist.gov/vuln/detail/CVE-2022-47762

Detect and mitigate CVE-2022-47762 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →