IzhakJakov / prometheus

The Prometheus monitoring system and time series database.
https://prometheus.io/

Vulnerable version of github.com/gin-gonic/gin module #1

Open IzhakJakov opened 2 years ago

IzhakJakov commented 2 years ago

Vulnerability found: Log Injection - SNYK-GOLANG-GITHUBCOMGINGONICGIN-550031

  URL: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-550031
  Package: github.com/gin-gonic/gin
  Version: 1.5.0
  Severity: medium

  Description: github.com/gin-gonic/gin is a package that implements an HTTP web framework called gin. Affected versions of this package are vulnerable to Log Injection due to improper sanitisation of user-controlled log output.

  Remediation: 1.7.7
  Updated at: 2020-06-12T14:36:56.522119Z

Vulnerability found: HTTP Response Splitting - SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736

  URL: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736
  Codes: [CVE-2020-28483]
  Package: github.com/gin-gonic/gin
  Version: 1.5.0
  Severity: high

  Description: github.com/gin-gonic/gin is a package that implements an HTTP web framework called gin.

  Remediation: 1.7.7
  Updated at: 2021-11-24T16:54:13.272056Z

IzhakJakov commented 2 years ago
❯ ggdh 'github.com/gin-gonic/gin'

       github.com/prometheus/prometheus
                      ⬇
  github.com/prometheus/alertmanager@v0.23.0
                      ⬇
          github.com/rs/cors@v1.8.0
                      ⬇
       github.com/gin-gonic/gin@v1.5.0

Need to upgrade to github.com/prometheus/alertmanager@v0.24.0 where this issue has been resolved.
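The dependency chain above can be reproduced from `go mod graph` output without a third-party tool. The program below is an added example, not code from this issue or from the Prometheus project: it parses a constructed edge list (the three edges shown in the comment plus one unrelated placeholder module), walks it breadth-first from the root module to the first occurrence of `github.com/gin-gonic/gin`, and compares the resolved version against the 1.7.7 remediation version from the advisory. The helper names (`parseGraph`, `findPath`, `isVulnerable`) and the placeholder module `example.com/unrelated` are assumptions of this example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Constructed sample in `go mod graph` format ("<module> <dependency>").
// The three prometheus -> alertmanager -> cors -> gin edges come from the
// comment above; example.com/unrelated is a placeholder added for this example.
const sampleGraph = `github.com/prometheus/prometheus github.com/prometheus/alertmanager@v0.23.0
github.com/prometheus/prometheus example.com/unrelated@v1.0.0
github.com/prometheus/alertmanager@v0.23.0 github.com/rs/cors@v1.8.0
github.com/rs/cors@v1.8.0 github.com/gin-gonic/gin@v1.5.0
`

// parseGraph turns `go mod graph` lines into an adjacency list keyed by the
// exact "module@version" reference (the root module carries no version).
func parseGraph(s string) map[string][]string {
	graph := map[string][]string{}
	for _, line := range strings.Split(strings.TrimSpace(s), "\n") {
		fields := strings.Fields(line)
		if len(fields) != 2 {
			continue // skip blank or malformed lines
		}
		graph[fields[0]] = append(graph[fields[0]], fields[1])
	}
	return graph
}

// splitRef separates "path@version" into its module path and version.
func splitRef(ref string) (path, version string) {
	if i := strings.LastIndex(ref, "@"); i >= 0 {
		return ref[:i], ref[i+1:]
	}
	return ref, ""
}

// findPath does a breadth-first search from root and returns the shortest
// chain of references ending at the first module whose path equals target,
// or nil when target is not reachable.
func findPath(graph map[string][]string, root, target string) []string {
	type item struct {
		node string
		path []string
	}
	queue := []item{{root, []string{root}}}
	seen := map[string]bool{root: true}
	for len(queue) > 0 {
		cur := queue[0]
		queue = queue[1:]
		if p, _ := splitRef(cur.node); p == target {
			return cur.path
		}
		for _, next := range graph[cur.node] {
			if seen[next] {
				continue
			}
			seen[next] = true
			np := append(append([]string{}, cur.path...), next)
			queue = append(queue, item{next, np})
		}
	}
	return nil
}

// semverParts extracts major, minor and patch from "vX.Y.Z"; any pre-release
// or build suffix is ignored, which is sufficient for release-to-release checks.
func semverParts(v string) [3]int {
	v = strings.TrimPrefix(v, "v")
	if i := strings.IndexAny(v, "-+"); i >= 0 {
		v = v[:i]
	}
	var out [3]int
	for i, s := range strings.SplitN(v, ".", 3) {
		n, _ := strconv.Atoi(s)
		out[i] = n
	}
	return out
}

// isVulnerable reports whether version is strictly below the fixed version.
func isVulnerable(version, fixed string) bool {
	a, b := semverParts(version), semverParts(fixed)
	for i := 0; i < 3; i++ {
		if a[i] != b[i] {
			return a[i] < b[i]
		}
	}
	return false
}

func main() {
	graph := parseGraph(sampleGraph)
	chain := findPath(graph, "github.com/prometheus/prometheus", "github.com/gin-gonic/gin")
	if chain == nil {
		fmt.Println("github.com/gin-gonic/gin is not in the module graph")
		return
	}
	fmt.Println(strings.Join(chain, "\n  -> "))
	_, ver := splitRef(chain[len(chain)-1])
	fmt.Printf("resolved %s, fixed in v1.7.7, vulnerable: %v\n", ver, isVulnerable(ver, "v1.7.7"))
}
```

On a real checkout, feed `go mod graph` output to `parseGraph` instead of the constructed sample; after bumping alertmanager as the comment suggests, re-run and confirm that either the chain disappears or the resolved gin version is no longer below v1.7.7.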