CVE-2020-28483
Published
CVSS v3
7.1
HIGH
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.
Gin is a high-performance HTTP web framework written in Go. It provides a Martini-like API but with significantly better performance—up to 40 times faster—thanks to httprouter. Gin is designed for building REST APIs, web applications, and microservices.
GitHub