Vulnerability Report: GO-2021-0084
- CVE-2019-16354, CVE-2019-16355, and 2 more
- Affects: github.com/astaxie/beego
- Published: Apr 14, 2021
- Modified: May 20, 2024
Session data is stored using permissive permissions, allowing local users with filesystem access to read arbitrary data.
Affected Packages
-
PathGo VersionsSymbols
-
before v1.12.2
Aliases
References
- https://github.com/beego/beego/pull/3975
- https://github.com/beego/beego/commit/bac2b31afecc65d9a89f9e473b8006c5edc0c8d1
- https://github.com/beego/beego/issues/3763
- https://vuln.go.dev/ID/GO-2021-0084.json
Credits
- @nicowaisman
Feedback
See anything missing or incorrect?
Suggest an edit to this report.