Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24844 | 2 Gin-vue-admin Project, Postgresql | 2 Gin-vue-admin, Postgresql | 2022-05-16 | 6.5 MEDIUM | 8.8 HIGH |
| Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occur. Users must: Require JWT login? and be using PostgreSQL to be affected. This issue has been resolved in version 2.5.1. There are no known workarounds. | |||||
| CVE-2022-21660 | 1 Gin-vue-admin Project | 1 Gin-vue-admin | 2022-02-15 | 5.5 MEDIUM | 8.1 HIGH |
| Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds. | |||||
| CVE-2021-44219 | 1 Gin-vue-admin Project | 1 Gin-vue-admin | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Gin-Vue-Admin before 2.4.6 mishandles a SQL database. | |||||