blob: 7ec6058c673dfd8e4b7452021e313fa076cd57f1 [file] [log] [blame]
id: GO-2022-0463
modules:
- module: github.com/astaxie/beego
vulnerable_at: 1.12.3
packages:
- package: github.com/astaxie/beego
symbols:
- Tree.Match
derived_symbols:
- App.Run
- ControllerRegister.FindPolicy
- ControllerRegister.FindRouter
- ControllerRegister.ServeHTTP
- FilterRouter.ValidRouter
- InitBeegoBeforeTest
- Run
- RunWithMiddleWares
- TestBeegoInit
- adminApp.Run
- module: github.com/beego/beego
versions:
- fixed: 1.12.9
vulnerable_at: 1.12.8
packages:
- package: github.com/beego/beego
symbols:
- Tree.match
derived_symbols:
- App.Run
- ControllerRegister.FindPolicy
- ControllerRegister.FindRouter
- ControllerRegister.ServeHTTP
- FilterRouter.ValidRouter
- InitBeegoBeforeTest
- Run
- RunWithMiddleWares
- TestBeegoInit
- Tree.Match
- adminApp.Run
- module: github.com/beego/beego/v2
versions:
- fixed: 2.0.3
vulnerable_at: 2.0.2
packages:
- package: github.com/beego/beego/v2/server/web
symbols:
- Tree.match
derived_symbols:
- AddNamespace
- AddViewPath
- Any
- AutoPrefix
- AutoRouter
- BuildTemplate
- Compare
- CompareNot
- Controller.Abort
- Controller.Bind
- Controller.BindForm
- Controller.BindJSON
- Controller.BindProtobuf
- Controller.BindXML
- Controller.BindYAML
- Controller.CheckXSRFCookie
- Controller.CustomAbort
- Controller.Delete
- Controller.DestroySession
- Controller.Get
- Controller.GetBool
- Controller.GetFile
- Controller.GetFloat
- Controller.GetInt
- Controller.GetInt16
- Controller.GetInt32
- Controller.GetInt64
- Controller.GetInt8
- Controller.GetSecureCookie
- Controller.GetString
- Controller.GetStrings
- Controller.GetUint16
- Controller.GetUint32
- Controller.GetUint64
- Controller.GetUint8
- Controller.Head
- Controller.Input
- Controller.IsAjax
- Controller.JSONResp
- Controller.Options
- Controller.ParseForm
- Controller.Patch
- Controller.Post
- Controller.Put
- Controller.Redirect
- Controller.Render
- Controller.RenderBytes
- Controller.RenderString
- Controller.Resp
- Controller.SaveToFile
- Controller.SaveToFileWithBuffer
- Controller.ServeFormatted
- Controller.ServeJSON
- Controller.ServeJSONP
- Controller.ServeXML
- Controller.ServeYAML
- Controller.SessionRegenerateID
- Controller.SetData
- Controller.SetSecureCookie
- Controller.Trace
- Controller.URLFor
- Controller.XMLResp
- Controller.XSRFFormHTML
- Controller.XSRFToken
- Controller.YamlResp
- ControllerRegister.Add
- ControllerRegister.AddAuto
- ControllerRegister.AddAutoPrefix
- ControllerRegister.AddMethod
- ControllerRegister.AddRouterMethod
- ControllerRegister.Any
- ControllerRegister.CtrlAny
- ControllerRegister.CtrlDelete
- ControllerRegister.CtrlGet
- ControllerRegister.CtrlHead
- ControllerRegister.CtrlOptions
- ControllerRegister.CtrlPatch
- ControllerRegister.CtrlPost
- ControllerRegister.CtrlPut
- ControllerRegister.Delete
- ControllerRegister.FindPolicy
- ControllerRegister.FindRouter
- ControllerRegister.Get
- ControllerRegister.GetContext
- ControllerRegister.Handler
- ControllerRegister.Head
- ControllerRegister.Include
- ControllerRegister.Init
- ControllerRegister.InsertFilter
- ControllerRegister.Options
- ControllerRegister.Patch
- ControllerRegister.Post
- ControllerRegister.Put
- ControllerRegister.ServeHTTP
- ControllerRegister.URLFor
- CtrlAny
- CtrlDelete
- CtrlGet
- CtrlHead
- CtrlOptions
- CtrlPatch
- CtrlPost
- CtrlPut
- Date
- DateFormat
- DateParse
- Delete
- Exception
- ExecuteTemplate
- ExecuteViewPathTemplate
- FileSystem.Open
- FilterRouter.ValidRouter
- FlashData.Error
- FlashData.Notice
- FlashData.Set
- FlashData.Store
- FlashData.Success
- FlashData.Warning
- Get
- GetConfig
- HTML2str
- Handler
- Head
- Htmlquote
- Htmlunquote
- HttpServer.Any
- HttpServer.AutoPrefix
- HttpServer.AutoRouter
- HttpServer.CtrlAny
- HttpServer.CtrlDelete
- HttpServer.CtrlGet
- HttpServer.CtrlHead
- HttpServer.CtrlOptions
- HttpServer.CtrlPatch
- HttpServer.CtrlPost
- HttpServer.CtrlPut
- HttpServer.Delete
- HttpServer.Get
- HttpServer.Handler
- HttpServer.Head
- HttpServer.Include
- HttpServer.InsertFilter
- HttpServer.LogAccess
- HttpServer.Options
- HttpServer.Patch
- HttpServer.Post
- HttpServer.PrintTree
- HttpServer.Put
- HttpServer.RESTRouter
- HttpServer.Router
- HttpServer.RouterWithOpts
- HttpServer.Run
- Include
- InitBeegoBeforeTest
- InsertFilter
- LoadAppConfig
- LogAccess
- MapGet
- Namespace.Any
- Namespace.AutoPrefix
- Namespace.AutoRouter
- Namespace.Cond
- Namespace.CtrlAny
- Namespace.CtrlDelete
- Namespace.CtrlGet
- Namespace.CtrlHead
- Namespace.CtrlOptions
- Namespace.CtrlPatch
- Namespace.CtrlPost
- Namespace.CtrlPut
- Namespace.Delete
- Namespace.Filter
- Namespace.Get
- Namespace.Handler
- Namespace.Head
- Namespace.Include
- Namespace.Namespace
- Namespace.Options
- Namespace.Patch
- Namespace.Post
- Namespace.Put
- Namespace.Router
- NewControllerRegister
- NewControllerRegisterWithCfg
- NewHttpServerWithCfg
- NewHttpSever
- NewNamespace
- NotNil
- Options
- ParseForm
- Patch
- Policy
- Post
- PrintTree
- Put
- RESTRouter
- ReadFromRequest
- RenderForm
- Router
- RouterWithOpts
- Run
- RunWithMiddleWares
- TestBeegoInit
- Tree.AddRouter
- Tree.AddTree
- Tree.Match
- URLFor
- URLMap.GetMap
- URLMap.GetMapData
- Walk
- adminApp.Run
- adminController.AdminIndex
- adminController.Healthcheck
- adminController.ListConf
- adminController.ProfIndex
- adminController.PrometheusMetrics
- adminController.QpsIndex
- adminController.TaskStatus
- beegoAppConfig.Bool
- beegoAppConfig.DefaultBool
- beegoAppConfig.SaveConfigFile
- beegoAppConfig.Unmarshaler
summary: |-
Access control bypass due to broad route matching in github.com/beego/beego and
beego/v2
description: |-
Routes in the beego HTTP router can match unintended patterns. This overly-broad
matching may permit an attacker to bypass access controls.
For example, the pattern "/a/b/:name" can match the URL "/a.xml/b/". This may
bypass access control applied to the prefix "/a/".
published: 2022-07-01T20:06:59Z
cves:
- CVE-2022-31259
ghsas:
- GHSA-qx32-f6g6-fcfr
references:
- fix: https://github.com/beego/beego/pull/4958
- fix: https://github.com/beego/beego/commit/64cf44d725c8cc35d782327d333df9cbeb1bf2dd
- web: https://github.com/beego/beego/issues/4946
- web: https://github.com/beego/beego/pull/4954
review_status: REVIEWED