Vulnerabilities related to github.com/gin-gonic/gin
cve-2023-29401
Vulnerability from cvelistv5
Published: 2023-06-08 20:27
Modified: 2025-01-06 19:30
Severity: MEDIUM (CVSS 3.1 base score 4.3, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Summary
The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of "setup.bat";x=.txt" will be sent as a file named "setup.bat". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header.
References
- https://github.com/gin-gonic/gin/issues/3555
- https://github.com/gin-gonic/gin/pull/3556
- https://github.com/gin-gonic/gin/releases/tag/v1.9.1
- https://pkg.go.dev/vuln/GO-2023-1737
Impacted products
Vendor | Product | Version
---|---|---
github.com/gin-gonic/gin | github.com/gin-gonic/gin | 1.3.1-0.20190301021747-ccb9e902956d ≤ version < 1.9.1
Raw record (cvelistv5)
```
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:07:45.567Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gin-gonic/gin/issues/3555", }, { tags: [ "x_transferred", ], url: "https://github.com/gin-gonic/gin/pull/3556", }, { tags: [ "x_transferred", ], url: "https://github.com/gin-gonic/gin/releases/tag/v1.9.1", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2023-1737", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-29401", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-06T19:29:16.540610Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-06T19:30:14.833Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "github.com/gin-gonic/gin", product: "github.com/gin-gonic/gin", programRoutines: [ { name: "Context.FileAttachment", }, ], vendor: "github.com/gin-gonic/gin", versions: [ { lessThan: "1.9.1", status: "affected", version: "1.3.1-0.20190301021747-ccb9e902956d", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "motoyasu-saburi", }, ], descriptions: [ { lang: "en", value: "The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of \"setup.bat";x=.txt\" will be sent as a file named \"setup.bat\". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header.", }, ], problemTypes: [ { descriptions: [ { description: "CWE 20: Improper Input Validation", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:14:11.166Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://github.com/gin-gonic/gin/issues/3555", }, { url: "https://github.com/gin-gonic/gin/pull/3556", }, { url: "https://github.com/gin-gonic/gin/releases/tag/v1.9.1", }, { url: "https://pkg.go.dev/vuln/GO-2023-1737", }, ], title: "Improper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2023-29401", datePublished: "2023-06-08T20:27:15.057Z", dateReserved: "2023-04-05T19:36:35.042Z", dateUpdated: "2025-01-06T19:30:14.833Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
```
cve-2020-36567
Vulnerability from cvelistv5
Published: 2022-12-27 20:58
Modified: 2025-04-11 16:45
Severity: HIGH (CVSS 3.1 base score 7.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Summary
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
References
- https://github.com/gin-gonic/gin/pull/2237
- https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d
- https://pkg.go.dev/vuln/GO-2020-0001
Impacted products
Vendor | Product | Version
---|---|---
github.com/gin-gonic/gin | github.com/gin-gonic/gin | 0 ≤ version < 1.6.0
Raw record (cvelistv5)
```
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:30:08.458Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gin-gonic/gin/pull/2237", }, { tags: [ "x_transferred", ], url: "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2020-0001", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2020-36567", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-11T16:45:06.925510Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-11T16:45:40.135Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "github.com/gin-gonic/gin", product: "github.com/gin-gonic/gin", programRoutines: [ { name: "LoggerWithConfig", }, { name: "Default", }, { name: "Logger", }, { name: "LoggerWithFormatter", }, { name: "LoggerWithWriter", }, ], vendor: "github.com/gin-gonic/gin", versions: [ { lessThan: "1.6.0", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "@thinkerou <thinkerou@gmail.com>", }, ], descriptions: [ { lang: "en", value: "Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-117 Improper Output Neutralization for Logs", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-06T18:28:26.763Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://github.com/gin-gonic/gin/pull/2237", }, { url: "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d", }, { url: "https://pkg.go.dev/vuln/GO-2020-0001", }, ], title: "Arbitrary log line injection in github.com/gin-gonic/gin", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2020-36567", datePublished: "2022-12-27T20:58:14.400Z", dateReserved: "2022-07-29T19:10:22.854Z", dateUpdated: "2025-04-11T16:45:40.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
```