Vulnerability Details CVE-2020-36567
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.4%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d
- https://github.com/gin-gonic/gin/pull/2237
- https://pkg.go.dev/vuln/GO-2020-0001
- https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d
- https://github.com/gin-gonic/gin/pull/2237
- https://pkg.go.dev/vuln/GO-2020-0001
Products affected by CVE-2020-36567
-
cpe:2.3:a:gin-gonic:gin:-
-
cpe:2.3:a:gin-gonic:gin:0.1
-
cpe:2.3:a:gin-gonic:gin:0.2
-
cpe:2.3:a:gin-gonic:gin:0.3
-
cpe:2.3:a:gin-gonic:gin:0.4
-
cpe:2.3:a:gin-gonic:gin:0.5
-
cpe:2.3:a:gin-gonic:gin:0.6
-
cpe:2.3:a:gin-gonic:gin:0.7.4
-
cpe:2.3:a:gin-gonic:gin:1.0
-
cpe:2.3:a:gin-gonic:gin:1.1
-
cpe:2.3:a:gin-gonic:gin:1.1.1
-
cpe:2.3:a:gin-gonic:gin:1.1.2
-
cpe:2.3:a:gin-gonic:gin:1.1.3
-
cpe:2.3:a:gin-gonic:gin:1.1.4
-
cpe:2.3:a:gin-gonic:gin:1.2
-
cpe:2.3:a:gin-gonic:gin:1.3.0
-
cpe:2.3:a:gin-gonic:gin:1.3.1-0.20190301021747-ccb9e902956d
-
cpe:2.3:a:gin-gonic:gin:1.4.0
-
cpe:2.3:a:gin-gonic:gin:1.5.0