| packages: |
| - module: github.com/gin-gonic/gin |
| symbols: |
| - Context.ClientIP |
| versions: |
| - fixed: 0.0.0-20141229113116-0099840c98ae |
| description: | |
| Due to improper HTTP header santization, a malicious user can spoof their |
| source IP address by setting the X-Forwarded-For header. This may allow |
| a user to bypass IP based restrictions, or obfuscate their true source. |
| published: 2021-04-14T20:04:52Z |
| credit: '@nl5887' |
| links: |
| pr: https://github.com/gin-gonic/gin/pull/182 |
| commit: https://github.com/gin-gonic/gin/commit/0099840c98ae1473c5ff0f18bc93a8e13ceed829 |