blob: 9194bdcfa25738b239dfd69c859406db339338d0 [file] [log] [blame]
packages:
- module: github.com/gin-gonic/gin
symbols:
- Context.ClientIP
versions:
- fixed: 0.0.0-20141229113116-0099840c98ae
description: |
Due to improper HTTP header santization, a malicious user can spoof their
source IP address by setting the X-Forwarded-For header. This may allow
a user to bypass IP based restrictions, or obfuscate their true source.
published: 2021-04-14T20:04:52Z
credit: '@nl5887'
links:
pr: https://github.com/gin-gonic/gin/pull/182
commit: https://github.com/gin-gonic/gin/commit/0099840c98ae1473c5ff0f18bc93a8e13ceed829