github.com/labstack/echo/v4 (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/labstack/echo/v4, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2022-40083 — CVSS 9.6 (critical): Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be…
CVE-2020-36565 — CVSS 5.3 (medium): Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read…