[GH-ISSUE #3487] 安全扫描监测到GoAhead-Server-环境变量注入漏洞 #2788

New issue

Closed

opened 2026-05-05 13:48:01 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented 2026-05-05 13:48:01 -06:00

Owner

Copy link

Originally created by @aiwatcher on GitHub (Jun 14, 2023).
Original GitHub issue: https://github.com/fatedier/frp/issues/3487

Bug Description

线上系统监测到有“GoAhead-Server-环境变量注入漏洞“攻击，请确认一下是否存在此安全漏洞。

frpc Version

v0.46.0

frps Version

v0.46.0

System Architecture

linux

Configurations

开了7000端口，token认证

Logs

No response

Steps to reproduce

...

Affected area

• Docs
• Installation
• Performance and Scalability
• Security
• User Experience
• Test and Release
• Developer Infrastructure
• Client Plugin
• Server Plugin
• Extensions
• Others

Originally created by @aiwatcher on GitHub (Jun 14, 2023). Original GitHub issue: https://github.com/fatedier/frp/issues/3487 ### Bug Description  线上系统监测到有“GoAhead-Server-环境变量注入漏洞“攻击，请确认一下是否存在此安全漏洞。 ### frpc Version v0.46.0 ### frps Version v0.46.0 ### System Architecture linux ### Configurations 开了7000端口，token认证 ### Logs _No response_ ### Steps to reproduce 1. 2. 3. ... ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror 2026-05-05 13:48:01 -06:00

• closed this issue
• added the
  lifecycle/stale
  label

gitea-mirror commented 2026-05-05 13:48:04 -06:00

Author

Owner

Copy link

@Becods commented on GitHub (Jun 16, 2023):

frp不使用GoAhead

c71efde303/go.mod (L1-L77)

<!-- gh-comment-id:1594350329 --> @Becods commented on GitHub (Jun 16, 2023): frp不使用GoAhead https://github.com/fatedier/frp/blob/c71efde303102cdb2a16a868391ac72c0828bee1/go.mod#L1-L77

gitea-mirror commented 2026-05-05 13:48:05 -06:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Jul 17, 2023):

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

<!-- gh-comment-id:1637235738 --> @github-actions[bot] commented on GitHub (Jul 17, 2023): Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

new

master

copilot/review-pull-request-5198

v0.68.1

v0.68.0

v0.67.0

v0.66.0

v0.65.0

v0.64.0

v0.63.0

v0.62.1

v0.62.0

v0.61.2

v0.61.1

v0.61.0

v0.60.0

v0.59.0

v0.58.1

v0.58.0

v0.57.0

v0.56.0

v0.55.1

v0.55.0

v0.54.0

v0.53.2

v0.53.1

v0.53.0

v0.52.3

v0.52.2

v0.52.1

v0.52.0

v0.51.3

v0.51.2

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.1

v0.46.0

v0.45.0

v0.44.0

v0.43.0

v0.42.0

v0.41.0

v0.40.0

v0.39.1

v0.39.0

v0.38.0

v0.37.1

v0.37.0

v0.36.2

v0.36.1

v0.36.0

v0.35.1

v0.35.0

v0.34.3

v0.34.2

v0.34.1

v0.34.0

v0.33.0

v0.32.1

v0.32.0

v0.31.2

v0.31.1

v0.31.0

v0.30.0

v0.29.1

v0.29.0

v0.28.2

v0.28.1

v0.28.0

v0.27.1

v0.27.0

v0.26.0

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.3

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.0

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.1

v0.8.0

v0.7.0

v0.6.0

v0.5.0

v0.3.0

v0.2.0

v0.1.0

Labels

Clear labels   

In Progress

  

WIP

  

WaitingForInfo

  

bug

  

doc

  

duplicate

  

easy

  

enhancement

  

future

  

help wanted

  

invalid

  

lifecycle/stale

  

need-issue-template

  

need-usage-help

  

no plan

  

proposal

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

todo

No labels

In Progress

WIP

WaitingForInfo

bug

doc

duplicate

easy

enhancement

future

help wanted

invalid

lifecycle/stale

need-issue-template

need-usage-help

no plan

proposal

pull-request

question

todo

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2788

No description provided.