CRITICAL🇵🇱 Wersja polska

CVE-2022-40083

CVSS 9.6v3.1pub. 2022-09-28upd. 2025-05-21

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery (SSRF).

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  • Labstack Echo

    APP
    Labstack
    4.8.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SSRF
CWE
References

Related vulnerabilities

CVE-2026-25766MEDIUM5.3ten sam produkt

Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s `middleware.Static` using the d...

CVE-2020-36565MEDIUM5.3ten sam produkt

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal,...