Back to bug 2203769
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2023-05-15 08:26:40 UTC | Fixed In Version | github.com/gin-gonic/gin 1.9.0 | |
| Doc Text | Gin-Gonic Gin could allow a remote attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted request using the X-Forwarded-Prefix header, an attacker could exploit this vulnerability to perform cache poisoning attacks. | |||
| Avinash Hanwate | 2023-05-15 08:26:53 UTC | Blocks | 2193196 | |
| Avinash Hanwate | 2023-05-15 08:27:36 UTC | CC | aveerama, dsimansk, dymurray, ellin, gparvin, ibolton, jcantril, jkoehler, jmatthew, jmontleo, lball, lgamliel, matzew, mfilanov, nboldt, njean, owatkins, pahickey, periklis, rfreiman, rgarg, rhuss, rjohnson, rrajasek, scorneli, shbose, skontopo, slucidi, sseago, stcannon, teagle, ubhargav | |
| Avinash Hanwate | 2023-05-15 08:28:41 UTC | Depends On | 2203771 | |
| Avinash Hanwate | 2023-05-15 08:38:38 UTC | Depends On | 2203777, 2203776, 2203775, 2203778 | |
| Borja Tarraso | 2023-05-15 10:07:10 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| RaTasha Tillery-Smith | 2023-05-15 13:51:57 UTC | Doc Text | Gin-Gonic Gin could allow a remote attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted request using the X-Forwarded-Prefix header, an attacker could exploit this vulnerability to perform cache poisoning attacks. | A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header. |
| Red Hat Bugzilla | 2023-05-15 18:03:39 UTC | CC | rrajasek | |
| Red Hat Bugzilla | 2023-07-07 08:34:28 UTC | Assignee | security-response-team | nobody |
| errata-xmlrpc | 2023-07-27 01:14:02 UTC | Link ID | Red Hat Product Errata RHSA-2023:4293 | |
| Product Security DevOps Team | 2023-07-27 06:17:14 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2023-07-27 06:17:14 UTC | |||
| errata-xmlrpc | 2023-08-14 01:03:02 UTC | Link ID | Red Hat Product Errata RHSA-2023:4627 |
Back to bug 2203769