Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-55885

Dec. 12, 2024, 8:15 p.m.

Tags

security-advisories@github.com
CWE-327
2024-12-12
CVE-2024-55885

Product(s) Impacted

beego

  • before 2.3.4

Description

beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponents due to its vulnerability to collision attacks. Version 2.3.4 replaces MD5 with SHA256.

Weaknesses

CWE-327
Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

CWE ID: 327

Date

Published: Dec. 12, 2024, 8:15 p.m.

Last Modified: Dec. 12, 2024, 8:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security-advisories@github.com

References

https://github.com/ security-advisories@github.com
https://github.com/ security-advisories@github.com