CVE-2021-30080

描述

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control.

受影響套件(5)

• Go/github.com/astaxie/beegofrom 0
• Go/github.com/beego/beegofrom 0, <= 1.12.11
• Go/github.com/beego/beegofrom 0
• Go/github.com/beego/beego/v2>= 2.0.0, < 2.0.3
• Go/github.com/beego/beego/v2>= 2.0.0, < 2.0.3

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-30080
• PATCHhttps://github.com/beego/beego
• WEBhttps://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519
• WEBhttps://github.com/beego/beego/pull/4459
• WEBhttps://pkg.go.dev/vuln/GO-2022-0572