Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery (SSRF).
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HLabstack Echo
APPLabstack4.8.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SSRF
Powiązane podatności
CVE-2026-25766MEDIUM5.3ten sam produkt
Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s `middleware.Static` using the d...
CVE-2020-36565MEDIUM5.3ten sam produkt
Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal,...