Description
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
A flaw was found in gin. When exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
Report
Red Hat Advanced Cluster Management for Kubernetes (RHACM) 2.0 is affected by this flaw as it uses the gin framework within the Hive component for provisioning. However, versions beginning with RHACM 2.1 are not affected as the gin framework is not being used.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | gin | Will not fix | | |
Additional information
Status:
EPSS
CVSS3: 7.1 High
Related vulnerabilities
This affects all versions of package github.com/gin-gonic/gin. When gi ...
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin