Design/Logic Flaw

🗓️ 08 Jun 2023 21:15:00Reported by PRIOn knowledge baseType

The filename parameter of FileAttachment function lacks proper sanitization, allowing a malicious filename to manipulate the Content-Disposition header

Reporter	Title	Published	Views	Family All 26
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Cartridge for IBM Cloud Pak for Data 4.8.0 has addressed security vulnerabilities	29 Nov 202322:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion and IBM Storage Fusion HCI may be vulnerable to denial of service and improper file download via http-cache-semantics, Gin-Gonic, and YAML (CVE-2022-25881, CVE-2023-2251, CVE-2023-29401)	29 Aug 202317:28	–	ibm
Circl	CVE-2023-29401	20 May 202609:00	–	circl
CNNVD	Gin 安全漏洞	8 Jun 202300:00	–	cnnvd
CVE	CVE-2023-29401	8 Jun 202320:27	–	cve
Cvelist	CVE-2023-29401 Improper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin	8 Jun 202320:27	–	cvelist
Debian CVE	CVE-2023-29401	8 Jun 202320:27	–	debiancve
EUVD	EUVD-2023-1445	3 Oct 202520:07	–	euvd
GithubExploit	Exploit for Download of Code Without Integrity Check in Gin-Gonic Gin	20 May 202605:45	–	githubexploit
Github Security Blog	Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function	12 May 202320:19	–	github

Source	Link
pkg	www.pkg.go.dev/vuln/GO-2023-1737
github	www.github.com/gin-gonic/gin/releases/tag/v1.9.1
github	www.github.com/gin-gonic/gin/issues/3555
github	www.github.com/gin-gonic/gin/pull/3556

16 Jun 2023 12:45Current

4.6Medium risk

Vulners AI Score4.6

EPSS0.00432