github.com/beego/beego is vulnerable to symlink attack. Lack of sufficient check for the existence of files created allows an attacker to use MemProf and GetCPUProfile commands to trigger the symbolic link attack locally.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/beego/beego | le | v2.0.7 | |
github.com/beego/beego | le | v2.0.7 |