Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines. https://pkg.go.dev/vuln/GO-2020-0001 https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d https://github.com/gin-gonic/gin/pull/2237
Created golang-github-gin-gonic tracking bugs for this issue: Affects: fedora-all [bug 2158255] Created golang-github-pact-foundation tracking bugs for this issue: Affects: fedora-all [bug 2158256] Created golang-github-tonistiigi-opentelemetry-contrib tracking bugs for this issue: Affects: fedora-all [bug 2158257] Created golang-opentelemetry-contrib tracking bugs for this issue: Affects: fedora-all [bug 2158258]
This issue has been addressed in the following products: MTA-6.0-RHEL-8 Via RHSA-2023:0934 https://access.redhat.com/errata/RHSA-2023:0934
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2023:1428 https://access.redhat.com/errata/RHSA-2023:1428
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-36567