CVE-2024-55885
CVSS V2 None
CVSS V3 None
Description
beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponents due to its vulnerability to collision attacks. Version 2.3.4 replaces MD5 with SHA256.
Overview
- CVE ID
- CVE-2024-55885
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-12T19:23:14.239Z
- Last Modified Date
- 2024-12-12T19:23:14.239Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/beego/beego/security/advisories/GHSA-9j3m-fr7q-jxfw | x_refsource_CONFIRM |
https://github.com/beego/beego/commit/e7fa4835f71f47ab1d13afd638cebf661800d5a4 | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-55885 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55885 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-13 13:19:55 | Added to TrackCVE |