Lucene search
Veracode Vulnerability DatabaseVERACODE:21530HistorySep 17, 2019 - 3:01 a.m.
Insecure Session Management
2019-09-1703:01:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.0004 Low
EPSS
Percentile
5.1%
github.com/astaxie/beego uses an insecure session management. The excessive permissions configured on session files allows a local attacker to manipulate and modify session files before the application creates it in the world-accessible folder.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/astaxie/beego | eq | HEAD | |
| github.com/astaxie/beego | le | 1.12.1 |
References
Related
cvelist
cvelist
CVE-2019-16354
2019-09-16 14:10:55
github
github
Beego has a file creation race condition
2021-08-02 17:15:05
gitlab
gitlab
Incorrect Permission Assignment for Critical Resource
2021-08-02 00:00:00
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
2019-09-16 00:00:00
Incorrect Permission Assignment for Critical Resource
2021-08-02 00:00:00
prion
prion
Race condition
2019-09-16 15:15:00
cve
cve
CVE-2019-16354
2019-09-16 15:15:10
nvd
nvd
CVE-2019-16354
2019-09-16 15:15:10
osv
osv
Beego has a file creation race condition
2021-08-02 17:15:05
Incorrect permissions for critical resource in github.com/astaxie/beego
2021-04-14 20:04:52
CVE-2019-16354
2019-09-16 15:15:10