CNNVD-202511-2369 Information

CNNVD ID

CNNVD-202511-2369

Related CVE

CVE-2025-13435

• CNNVD Published: 2025-11-20

Description (Chinese)

Resty是Go Resty开源的一个适用于 Go 的简单 HTTP 和 REST 客户端库。 Resty 1.3.1及之前版本存在路径遍历漏洞，该漏洞源于对参数filename的错误操作，可能导致路径遍历攻击。

Description (English)

Resty is a simple HTTP and REST client library for Go Open Source. Retty 1.3.1 and previous versions have path-to-path loopholes, which stem from a mishandling of parameter filename and may lead to path-to-path attacks.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Go Resty

Published

2025-11-20

Last Modified

2026-02-24

References

https://vuldb.com/?id.332979 https://vuldb.com/?ctiid.332979 https://vuldb.com/?submit.687603 https://github.com/Xzzz111/exps/blob/main/archives/Resty-PathTraversal-01/cve_application.md https://access.redhat.com/security/cve/cve-2025-13435