CVEs in gabriel-vasile/mimetype package

gin-gonic / gin

Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.

https://gin-gonic.com/

MIT License

79.17k stars 8.03k forks source link

CVEs in gabriel-vasile/mimetype package #4086

Open AndrewYEEE opened 3 weeks ago

AndrewYEEE commented 3 weeks ago

Description

source: https://github.com/gabriel-vasile/mimetype/issues/601

There are many CVEs (~180+) reported for stdlib which is used in sample32.macho and sample64.macho test files on gabriel-vasile/mimetype package。

This vulnerability will be scanned together with gin. Is there any way to improve it?

AndrewYEEE commented 3 weeks ago

already fix in github.com/gabriel-vasile/mimetype@1.4.6, please update go module, thanks~