EPSS
Percentile
61.6%
github.com/valyala/fasthttp is vulnerable to directory traversal. Improper sanitization in ServeFile function makes it possible to be exploited by using a backslash %5c character in the path resulting in directory traversal vulnerability.
ServeFile
%5c
github.com/valyala/fasthttp/commit/15262ecf3c602364639d465daba1e7f3604d00e8
github.com/valyala/fasthttp/commit/6b5bc7bb304975147b4af68df54ac214ed2554c1
github.com/valyala/fasthttp/issues/1226
github.com/valyala/fasthttp/releases/tag/v1.34.0