Vulnerabilities > Beego > Beego > 1.10.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-05 | CVE-2022-31836 | Path Traversal vulnerability in Beego The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcardvalues which can lead to cross directory risk. | 9.8 |
2022-05-21 | CVE-2022-31259 | Unspecified vulnerability in Beego The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. | 9.8 |
2022-04-05 | CVE-2021-27116 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.2 |
2022-04-05 | CVE-2021-27117 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.2 |
2022-04-05 | CVE-2021-30080 | Unspecified vulnerability in Beego An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control. | 7.5 |
2019-09-16 | CVE-2019-16355 | Incorrect Default Permissions vulnerability in Beego 1.10.0 The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files. | 2.1 |
2019-09-16 | CVE-2019-16354 | Race Condition vulnerability in Beego 1.10.0 The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions. | 1.9 |