go-aah/aah

Releases24

Frequency1 month 2 weeks

Last Release over 6 years ago

Stars684

A secure, flexible, rapid Go web framework

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-36559 ↗	Dec 27, 2022Tuesday, 27 December 2022, 22:15	7.5 HIGH	—
Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.