CVE-2020-36567

Summary

Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.

Affected Software

VendorProductVersion RangeStatus
github.com/gin-gonic/gingithub.com/gin-gonic/gin0 < 1.6.0affected

Weaknesses

  • CWE-117 Improper Output Neutralization for Logs

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References