Uploaded image for project: 'Migration Toolkit for Applications'
  1. Migration Toolkit for Applications
  2. MTA-77

CVE-2020-36567 mta-hub-container: gin: Unsanitized input in the default logger in github.com/gin-gonic/gin [mta-6]

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • QE - Ack
    • None

      Security Tracking Issue

      Do not make this issue public.

      Impact: Moderate
      Reported Date: 28-Dec-2022
      PM Fix/Wontfix Decision By: 03-Feb-2023
      Resolve Bug By: 26-Jun-2023

      In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.

      Please review this tracker and its impact on your product or service, as soon as possible. The trackers are filed WITHOUT in-depth analysis as the vulnerability has a Low or Moderate severity impact on this product or service. For more details, please refer to following confluence page - https://docs.engineering.redhat.com/x/3e_3EQ

      Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9kKpDw

      Flaw:

      CVE-2020-36567 gin: Unsanitized input in the default logger in github.com/gin-gonic/gin
      https://bugzilla.redhat.com/show_bug.cgi?id=2156683

      Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.

      https://pkg.go.dev/vuln/GO-2020-0001
      https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d
      https://github.com/gin-gonic/gin/pull/2237

              jortel Jeff Ortel
              rhn-support-askrabec Anten Skrabec
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: