Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic.
History

Thu, 07 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift
CPEs cpe:/a:redhat:openshift:4.13::el8
Vendors & Products Redhat openshift

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2023-05-04T05:00:01.441Z

Updated: 2024-08-02T11:39:06.575Z

Reserved: 2023-02-20T10:28:48.924Z

Link: CVE-2023-26125

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-05-04T05:15:09.163

Modified: 2024-11-21T07:50:49.567

Link: CVE-2023-26125

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-05-04T00:00:00Z

Links: CVE-2023-26125 - Bugzilla