reports/GO-2020-0029.yaml - vulndb - Git at Google

 packages:
   - module: github.com/gin-gonic/gin
     symbols:
       - Context.ClientIP
     versions:
       - fixed: 0.0.0-20141229113116-0099840c98ae
 description: |
     Due to improper HTTP header santization, a malicious user can spoof their
     source IP address by setting the X-Forwarded-For header. This may allow
     a user to bypass IP based restrictions, or obfuscate their true source.
 published: 2021-04-14T20:04:52Z
 credit: '@nl5887'
 links:
     pr: https://github.com/gin-gonic/gin/pull/182
     commit: https://github.com/gin-gonic/gin/commit/0099840c98ae1473c5ff0f18bc93a8e13ceed829
	packages:
	- module: github.com/gin-gonic/gin
	symbols:
	- Context.ClientIP
	versions:
	- fixed: 0.0.0-20141229113116-0099840c98ae
	description: \|
	Due to improper HTTP header santization, a malicious user can spoof their
	source IP address by setting the X-Forwarded-For header. This may allow
	a user to bypass IP based restrictions, or obfuscate their true source.
	published: 2021-04-14T20:04:52Z
	credit: '@nl5887'
	links:
	pr: https://github.com/gin-gonic/gin/pull/182
	commit: https://github.com/gin-gonic/gin/commit/0099840c98ae1473c5ff0f18bc93a8e13ceed829