Filtered by vendor Goshs
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-35471 | 1 Goshs | 1 Goshs | 2026-04-09 | N/A | 9.8 CRITICAL |
| goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile() missing return after path traversal check. This vulnerability is fixed in 2.0.0-beta.3. | |||||
| CVE-2026-35393 | 1 Goshs | 1 Goshs | 2026-04-09 | N/A | 9.8 CRITICAL |
| goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.0.0-beta.3. | |||||
| CVE-2026-35392 | 1 Goshs | 1 Goshs | 2026-04-09 | N/A | 9.8 CRITICAL |
| goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3. | |||||