CVE-2022-1996

Authorization Bypass Through User-Controlled Key in go-restful in go/github.com/emicklei/go-restful/v2

Identifiers

GHSA-r48q-9g5r-8q2h, CVE-2022-1996

Package Slug

go/github.com/emicklei/go-restful/v2

Vulnerability

Authorization Bypass Through User-Controlled Key in go-restful

Description

Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.

Affected Versions

All versions up to 2.7.1

Solution

Upgrade to version 3.8.0 or above.

Last Modified

2022-06-10

source