reports/GO-2021-0084.toml - vulndb - Git at Google

 module = "github.com/astaxie/beego"
 package = "github.com/astaxie/beego/session"

 description = """
 Session data is stored using permissive permissions, allowing local users
 with filesystem access to read arbitary data.
 """

 cve = "CVE-2019-16354"

 credit = "@nicowaisman"

 symbols = ["FileProvider.SessionRead", "FileProvider.SessionRegenerate"]

 published = "2021-04-14T12:00:00Z"

 [[versions]]
 fixed = "v1.12.2-0.20200613154013-bac2b31afecc"

 [links]
 commit = "https://github.com/beego/beego/commit/bac2b31afecc65d9a89f9e473b8006c5edc0c8d1"
 pr = "https://github.com/beego/beego/pull/3975"
 context = ["https://github.com/beego/beego/issues/3763"]
	module = "github.com/astaxie/beego"
	package = "github.com/astaxie/beego/session"

	description = """
	Session data is stored using permissive permissions, allowing local users
	with filesystem access to read arbitary data.
	"""

	cve = "CVE-2019-16354"

	credit = "@nicowaisman"

	symbols = ["FileProvider.SessionRead", "FileProvider.SessionRegenerate"]

	published = "2021-04-14T12:00:00Z"

	[[versions]]
	fixed = "v1.12.2-0.20200613154013-bac2b31afecc"

	[links]
	commit = "https://github.com/beego/beego/commit/bac2b31afecc65d9a89f9e473b8006c5edc0c8d1"
	pr = "https://github.com/beego/beego/pull/3975"
	context = ["https://github.com/beego/beego/issues/3763"]