Google Git
Sign in
go / vulndb / 239384d22e7d344377c000b7c20b39c22fc50b52 / . / data / cve / v5 / GO-2023-1737.json
blob: ad10b07d79e87a365a24366470666a4794a3c88c [file] [log] [blame]
{
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"cveMetadata": {
"cveId": "CVE-2023-29401"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
},
"title": "Improper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin",
"descriptions": [
{
"lang": "en",
"value": "The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of \"setup.bat\u0026quot;;x=.txt\" will be sent as a file named \"setup.bat\". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header."
}
],
"affected": [
{
"vendor": "github.com/gin-gonic/gin",
"product": "github.com/gin-gonic/gin",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/gin-gonic/gin",
"versions": [
{
"version": "1.3.1-0.20190301021747-ccb9e902956d",
"lessThan": "1.9.1",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "Context.FileAttachment"
}
],
"defaultStatus": "unaffected"
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE 20: Improper Input Validation"
}
]
}
],
"references": [
{
"url": "https://github.com/gin-gonic/gin/issues/3555"
},
{
"url": "https://github.com/gin-gonic/gin/pull/3556"
},
{
"url": "https://github.com/gin-gonic/gin/releases/tag/v1.9.1"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1737"
}
],
"credits": [
{
"lang": "en",
"value": "motoyasu-saburi"
}
]
}
}
}