x/vulndb: potential Go vuln in github.com/gin-gonic/gin: CVE-2023-29401

Description

Gin is a web framework written in Go.
Gin prior to version v1.9.0 and below is vulnerable to Reflect File Download.
This problem occurs when FileAttachment() is used.
A PullRequest to correct this problem has been provided but has not yet been fixed.

Affected Modules, Packages, Versions and Symbols

Module: github.com/gin-gonic/gin
Package: github.com/gin-gonic/gin
Versions:
  - Introduced: 1.9.0
Symbols:
  - FileAttachment

Does this vulnerability already have an associated CVE ID?

No

CVE ID

No response

Credit

No response

CWE ID

No response

Pull Request

gin-gonic/gin#3556

Commit

No response

References

Report:
gin-gonic/gin#3555

Additional information

No response

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Description

Affected Modules, Packages, Versions and Symbols

Does this vulnerability already have an associated CVE ID?

CVE ID

Credit

CWE ID

Pull Request

Commit

References

Additional information

Metadata

Assignees

Labels

Type

Proje 306A cts

Milestone

Relationships

Development

Description

Description

Affected Modules, Packages, Versions and Symbols

Does this vulnerability already have an associated CVE ID?

CVE ID

Credit

CWE ID

Pull Request

Commit

References

Additional information

Metadata

Metadata

Assignees

Labels

Type

Proje 306A cts

Milestone

Relationships

Development

Issue actions