High severity8.8NVD Advisory· Published Jul 31, 2024· Updated Jun 17, 2026
CVE-2024-40464
CVE-2024-40464
Description
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/beego/beego/v2Go | < 2.2.1 | 2.2.1 |
Affected products
28- osv-coords27 versionspkg:apk/chainguard/harbor-2.10pkg:apk/chainguard/harbor-2.10-jobservicepkg:apk/chainguard/harbor-2.10-portalpkg:apk/chainguard/harbor-2.10-portal-nginx-configpkg:apk/chainguard/harbor-2.10-registryctlpkg:apk/chainguard/harbor-2.11pkg:apk/chainguard/harbor-2.11-exporterpkg:apk/chainguard/harbor-2.11-jobservicepkg:apk/chainguard/harbor-2.11-photon-registrypkg:apk/chainguard/harbor-2.11-portalpkg:apk/chainguard/harbor-2.11-portal-nginx-configpkg:apk/chainguard/harbor-2.11-redis-compatpkg:apk/chainguard/harbor-2.11-registryctlpkg:apk/chainguard/harbor-fips-2.11pkg:apk/chainguard/harbor-fips-2.11-dbpkg:apk/chainguard/harbor-fips-2.11-exporterpkg:apk/chainguard/harbor-fips-2.11-jobservicepkg:apk/chainguard/harbor-fips-2.11-photon-registrypkg:apk/chainguard/harbor-fips-2.11-portalpkg:apk/chainguard/harbor-fips-2.11-redis-compatpkg:apk/chainguard/harbor-fips-2.11-registryctlpkg:apk/wolfi/harbor-2.11pkg:apk/wolfi/harbor-2.11-jobservicepkg:apk/wolfi/harbor-2.11-portalpkg:apk/wolfi/harbor-2.11-portal-nginx-configpkg:apk/wolfi/harbor-2.11-registryctlpkg:golang/github.com/beego/beego/v2
< 2.10.3-r1+ 26 more
- (no CPE)range: < 2.10.3-r1
- (no CPE)range: < 2.10.3-r1
- (no CPE)range: < 2.10.3-r1
- (no CPE)range: < 2.10.3-r1
- (no CPE)range: < 2.10.3-r1
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r22
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r28
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r25
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.11.2-r20
- (no CPE)range: < 2.2.1
Patches
Vulnerability mechanics
References
5- gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-r6qh-j42j-pw64ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-40464ghsaADVISORY
- github.com/beego/beego/commit/8f89e12e6cafb106d5c201dbc3b2a338bfde74e2ghsaWEB
- github.com/beego/beego/security/advisories/GHSA-6g9p-wv47-4fxqghsaWEB
News mentions
0No linked articles in our index yet.