Vulnerabilities > Beego > Beego > 2.0.3

DATE CVE VULNERABILITY TITLE RISK
2024-07-31 CVE-2024-40464 Improper Certificate Validation vulnerability in Beego
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file
network
low complexity
beego CWE-295
8.8
2024-07-31 CVE-2024-40465 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Beego
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in file.go file
network
low complexity
beego CWE-327
8.8
2022-07-05 CVE-2022-31836 Path Traversal vulnerability in Beego
The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcardvalues which can lead to cross directory risk.
network
low complexity
beego CWE-22
critical
9.8