Описание
Privilege escalation in beego
beego is an open-source, high-performance web framework for the Go programming language. An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally.
Пакеты
Наименование
github.com/beego/beego/v2
go
Затронутые версииВерсия исправления
>= 2.0.0, < 2.0.2
2.0.2
Наименование
github.com/beego/beego
go
Затронутые версииВерсия исправления
Отсутствует
Связанные уязвимости
CVSS3: 7.8
nvd
почти 4 года назад
An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally.