CVE-2021-27117

Name of the Vulnerable Software and Affected Versions beego versions through 2.0.2

Description An issue was discovered in the file profile.go in the function GetCPUProfile, allowing attackers to launch symlink attacks locally. The issue affects beego, an open-source, high-performance web framework for the Go programming language.

Recommendations For beego versions through 2.0.2, consider disabling the GetCPUProfile function in the profile.go file as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.