CGA-cr2f-xc2c-qjv3

Published

Last updated

https://images.chainguard.dev/security/CGA-cr2f-xc2c-qjv3

Package

harbor-2.11

Repository

Chainguard

Latest Update

Fixed

Fixed Version

2.11.1-r4

Aliases

CVE-2024-40464
GHSA-r6qh-j42j-pw64

Severity

Unknown

Summary

Beego privilege escalation vulnerability

Description

An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in the beego/core/logs/smtp.go file.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-40464
https://github.com/advisories/GHSA-r6qh-j42j-pw64
https://github.com/beego/beego/security/advisories/GHSA-6g9p-wv47-4fxq
https://github.com/beego/beego/commit/8f89e12e6cafb106d5c201dbc3b2a338bfde74e2
https://gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445
https://github.com/beego/beego

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-cr2f-xc2c-qjv3

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources