Описание
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| golang-github-gin-gonic-gin | fixed | 1.8.1-1 | package | |
| golang-github-gin-gonic-gin | no-dsa | bullseye | package | |
| golang-github-gin-gonic-gin | postponed | buster | package |
Примечания
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736
https://github.com/gin-gonic/gin/pull/2474
https://github.com/gin-gonic/gin/commit/c9ea8ece4a3881028f7f715f008414346a7f4b88
EPSS
Связанные уязвимости
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin
EPSS