Vulnerabilities > Beego > Beego > 2.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-31 | CVE-2024-40464 | Improper Certificate Validation vulnerability in Beego An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file | 8.8 |
2024-07-31 | CVE-2024-40465 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Beego An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in file.go file | 8.8 |
2022-07-05 | CVE-2022-31836 | Path Traversal vulnerability in Beego The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcardvalues which can lead to cross directory risk. | 9.8 |