Critical severityNVD Advisory· Published Dec 27, 2022· Updated Apr 11, 2025
Panic or authentication bypass in github.com/ecnepsnai/web
CVE-2021-4236
Description
Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not explicitly use WebSockets are not vulnerable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/ecnepsnai/webGo | >= 1.4.0, < 1.5.2 | 1.5.2 |
Affected products
2- github.com/ecnepsnai/web/github.com/ecnepsnai/webv5Range: 1.4.0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.