High severityNVD Advisory· Published Apr 5, 2022· Updated Aug 3, 2024
CVE-2021-30080
CVE-2021-30080
Description
An issue was discovered in the route lookup process in beego before 1.12.11 that allows attackers to bypass access control.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/beego/beego/v2Go | >= 2.0.0, < 2.0.3 | 2.0.3 |
github.com/beego/beegoGo | <= 1.12.11 | — |
Affected products
3- ghsa-coords2 versions
<= 1.12.11+ 1 more
- (no CPE)range: <= 1.12.11
- (no CPE)range: >= 2.0.0, < 2.0.3
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-28r6-jm5h-mrggghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-30080ghsaADVISORY
- github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519ghsaWEB
- github.com/beego/beego/pull/4459ghsaWEB
- pkg.go.dev/vuln/GO-2022-0572ghsaWEB
- github.com/beego/beego/releases/tag/v1.12.11mitre
News mentions
0No linked articles in our index yet.