ecnepsnai/web

Releases38

Frequency1 month 4 weeks

Last Release over 1 year ago

Stars1

A HTTP server in Golang for sophisticated web applications.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-4236 ↗	Dec 27, 2022Tuesday, 27 December 2022, 22:15	9.8 CRITICAL	—
Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not explicitly use WebSockets are not vulnerable.