PT-2022-16918 · Unknown · Gin-Vue-Admin+1

Piexlmax · Published 2022-04-13 · Updated 2023-03-01 · CVE-2022-24844

CVSS v3.1: 8.1 High

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Gin-vue-admin versions prior to 2.5.1

Description

The issue is in the code of server/service/system/sys_auto_code_pgsql.go, so it can only occur when PostgreSQL is used as the database. To be affected, users must have JWT login and be using PostgreSQL.

Recommendations

For versions prior to 2.5.1, update to version 2.5.1 to resolve the issue. As a temporary workaround, consider disabling the sys_auto_code_pgsql.go service until a patch is available. Restrict access to the PostgreSQL database to minimize the risk of exploitation. Avoid using the JWT login feature in conjunction with PostgreSQL until the issue is resolved.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-24844
GHSA-5G92-6HPP-W425

Affected Products

Gin-Vue-Admin
PostgreSQL