godoxy CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

godoxy vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to godoxy, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-33528 GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at `/api/v1/file/content` is vulnerable to path traversal. The `filename` query parameter is passed directly to `path.Join(common.ConfigBasePath, filename)` where `ConfigBasePath = "config"` (a relative path). No sanitization or validation is applied beyond checking that the field is non-empty (`binding:"required"`). An authenticated attacker can use `../` sequences to re [email protected] 6.5 0.50% 2026-03-26 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence