Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/filebrowser/filebrowser

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/filebrowser/filebrowser in go

High
1 day ago

File Browser has incorrect access control for public directory shares via rule path rebasing GSA_kwCzR0hTQS1qOWp4LWhwNGMtZ2hoaM4ABYod

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
1 day ago

File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames GSA_kwCzR0hTQS1neGp4LTdtNzQtaGNxOM4ABYoc

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
1 day ago

File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope GSA_kwCzR0hTQS0yMzl3LW0zaDYtY2g4ds4ABYob

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
1 day ago

File Browser has a DoS Vulnerability via Public Login API GSA_kwCzR0hTQS13NWZtLTY4ajQtZnBjNM4ABYoa

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
1 day ago

File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path GSA_kwCzR0hTQS0zcTJwLTcyY2otNjgyY84ABYoB

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
1 day ago

File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix GSA_kwCzR0hTQS01d3c5LWpnNnEtMzhyN84ABYn-

go github.com/filebrowser/filebrowser/v2, github.com/filebrowser/filebrowser
Moderate
5 months ago

File Browser Vulnerable to Username Enumeration via Timing Attack in /api/login GSA_kwCzR0hTQS00M21tLW0zaDItM3ByY84ABRUU

go github.com/filebrowser/filebrowser/v2, github.com/filebrowser/filebrowser
High
11 months ago

File Browser’s insecure JWT handling can lead to session replay attacks after logout GSA_kwCzR0hTQS03eHdwLTJjcHAtcDhyN84ABKOp

go github.com/filebrowser/filebrowser
Moderate
12 months ago

File Browser vulnerable to insecure password handling GSA_kwCzR0hTQS1jbTJyLXJnN3ItcDdnZ84ABJkh

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Low
12 months ago

File Browser's password protection of links is bypassable GSA_kwCzR0hTQS0zdjQ4LTI4M3gtZjJ3NM4ABJkg

go github.com/filebrowser/filebrowser
High
12 months ago

File Browser vulnerable to command execution allowlist bypass GSA_kwCzR0hTQS13N3FjLTZncmotdzdyOM4ABJkf

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
12 months ago

File Browser allows sensitive data to be transferred in URL GSA_kwCzR0hTQS1ybXdoLWczNjctbWo0eM4ABJkd

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
12 months ago

filebrowser allows Stored Cross-Site Scripting through the Markdown preview function GSA_kwCzR0hTQS00d3g4LTVnbTItMmo5N84ABJfl

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
12 months ago

filebrowser Sets Insecure File Permissions GSA_kwCzR0hTQS1qajJyLTQ1NXAtNWd2Zs4ABJfk

go github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2

Filter by Severity

High 7 Moderate 6 Low 1