CVE-2021-30080: Access control bypass

April 5, 2022 (updated April 12, 2022)

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control.

References

github.com/advisories/GHSA-28r6-jm5h-mrgg
github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519
nvd.nist.gov/vuln/detail/CVE-2021-30080

Code Behaviors & Features

Detect and mitigate CVE-2021-30080 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →