go.mod: upgrade dependency github.com/gin-contrib/gzip to latest version to avoid vulnerability

gin-contrib / gzip

Gin middleware to enable GZIP support.

MIT License

330 stars 87 forks source link

go.mod: upgrade dependency github.com/gin-contrib/gzip to latest version to avoid vulnerability #64

Closed mswathi-tw closed 2 years ago

mswathi-tw commented 2 years ago

We are using the latest version (github.com/gin-contrib/gzip@v0.0.5) which internally uses the following library

github.com/gin-contrib/gzip@v0.0.5 › github.com/gin-gonic/gin@v1.7.4

This has introduced certain snyk vulnerability HTTP Response Splitting and in order to solve this issue following library version has to be upgraded to github.com/gin-gonic/gin@1.7.7 or more.

Can you please upgrade it.

thinkerou commented 2 years ago

@mswathi-tw please upgrade to v0.0.6, thanks!

mswathi-tw commented 2 years ago

Thanks!!