Github.Com/Gin Gonic/Gin
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:github.com/gin-gonic/gin:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Github.Com/Gin Gonic/Gin (5346a99e-12c3-5d19-8362-e01ec50735a8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-26125 |
vulnerable | 2026-06-08 05:57:38.668115 |
Details available
MEDIUM (5.6)
Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning.
**Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic.
Published: 2023-05-04T05:00:01.441Z
Updated: 2025-01-29T16:57:46.620Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-28483 |
vulnerable | 2026-06-08 05:23:56.153451 |
HTTP Response Splitting
HIGH (7.1)
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
Published: 2021-01-20T17:46:29.476Z
Updated: 2024-09-16T17:28:31.192Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.