gin-contrib / timeout

Timeout middleware for Gin
MIT License

HTTP Response Splitting vulnerability identified #42

Closed: boxa99 closed 11 months ago

boxa99 commented 1 year ago

Snyk has identified an issue with the github.com/gin-gonic/gin module, versions < 1.7.7.

https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736

github.com/gin-contrib/timeout@v0.0.3 is depending on github.com/gin-gonic/gin@v1.7.2 and is being flagged in my scans. Please update your dependency when you have time.

Kind Regards, Tom

pspencer-arculus commented 1 year ago

Hey Tom, in the go.mod it looks like the dependency was updated to 1.8.1.

appleboy commented 11 months ago

https://github.com/gin-contrib/timeout/blob/f338d36f1dca37a4e2e2b28e9a5e5bde18e67493/go.mod#L6