Lucene search
GoCVELIST:CVE-2020-36567HistoryDec 27, 2022 - 8:58 p.m.
CVE-2020-36567 Arbitrary log line injection in github.com/gin-gonic/gin
2022-12-2720:58:14
Go
www.cve.org
1
github
gin-gonic
log injection
remote attackers
unsanitized input
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
CNA Affected
[
{
"vendor": "github.com/gin-gonic/gin",
"product": "github.com/gin-gonic/gin",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/gin-gonic/gin",
"versions": [
{
"version": "0",
"lessThan": "1.6.0",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "LoggerWithConfig"
},
{
"name": "Default"
},
{
"name": "Logger"
},
{
"name": "LoggerWithFormatter"
},
{
"name": "LoggerWithWriter"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2020-36567
2022-12-27 21:15:10
osv
osv
CVE-2020-36567
2022-12-27 21:15:10
Gin's default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines
2022-12-27 21:30:20
Arbitrary log line injection in github.com/gin-gonic/gin
2021-04-14 20:04:52
ubuntucve
ubuntucve
CVE-2020-36567
2022-12-27 00:00:00
redhatcve
redhatcve
CVE-2020-36567
2022-12-28 07:04:51
cve
cve
CVE-2020-36567
2022-12-27 21:15:10
github
github
debiancve
debiancve
CVE-2020-36567
2022-12-27 21:15:10
prion
prion
Input validation
2022-12-27 21:15:00
veracode
veracode
Log Injection
2022-12-29 07:39:05
ibm
ibm
redhat
redhat