What is CVE-2024-31457?

CVE-2024-31457 is a high-severity vulnerability in Flipped-aurora Gin-vue-admin, classified under Path Traversal. CVSS score: 7.7/10. Published 2024-04-09.

How severe is CVE-2024-31457?

High severity. CVSS v3 base score is 7.7 out of 10.

Path Traversal in Flipped-aurora Gin-vue-admin

CVE-2024-31457

gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. gin-vue-admin pseudoversion 0.0.0-20240407133540-7bc7c3051067, corresponding to version 2.6.1, has a code injection…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.009 (55.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H.

Affected products

Flipped-aurora Gin-vue-admin — versions < 0.0.0-20240409100909-b1b7427c6ea6

Weakness classification (CWE)

CWE-22 — Path Traversal

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2024-31457?: CVE-2024-31457 is a high-severity vulnerability in Flipped-aurora Gin-vue-admin, classified under Path Traversal. CVSS score: 7.7/10. Published 2024-04-09.
How severe is CVE-2024-31457?: High severity. CVSS v3 base score is 7.7 out of 10.