Lucene search
GoogleOSV:GO-2021-0052HistoryApr 14, 2021 - 8:04 p.m.
Inconsistent interpretation of HTTP Requests in github.com/gin-gonic/gin
2021-04-1420:04:52
Google
osv.dev
8
Due to improper HTTP header sanitization, a malicious user can spoof their source IP address by setting the X-Forwarded-For header. This may allow a user to bypass IP based restrictions, or obfuscate their true source.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/gin-gonic/gin | lt | 1.7.7 |
References
github.com/gin-gonic/gin/commit/03e5e05ae089bc989f1ca41841f05504d29e3fd9
github.com/gin-gonic/gin/commit/5929d521715610c9dd14898ebbe1d188d5de8937
github.com/gin-gonic/gin/commit/bfc8ca285eb46dad60e037d57c545cd260636711
github.com/gin-gonic/gin/issues/2232
github.com/gin-gonic/gin/issues/2473
github.com/gin-gonic/gin/issues/2862
github.com/gin-gonic/gin/pull/2474
github.com/gin-gonic/gin/pull/2632
github.com/gin-gonic/gin/pull/2675
github.com/gin-gonic/gin/pull/2844
Related
osv
osv
GO-2020-0029
2021-04-14 20:04:52
CVE-2020-28483
2021-01-20 18:15:12
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin
2021-06-23 17:53:21
debiancve
debiancve
CVE-2020-28483
2021-01-20 18:15:12
cve
cve
CVE-2020-28483
2021-01-20 18:15:12
nvd
nvd
CVE-2020-28483
2021-01-20 18:15:12
veracode
veracode
Access Control Bypass
2021-01-21 09:10:08
cvelist
cvelist
CVE-2020-28483 HTTP Response Splitting
2021-01-20 00:00:00
github
github
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin
2021-06-23 17:53:21
redhatcve
redhatcve
CVE-2020-28483
2021-02-10 13:05:21
ubuntucve
ubuntucve
CVE-2020-28483
2021-01-20 00:00:00
prion
prion
Design/Logic Flaw
2021-01-20 18:15:00
