Vulnerabilities > GIN Gonic > GIN > 1.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-08 | CVE-2023-29401 | Download of Code Without Integrity Check vulnerability in Gin-Gonic GIN The filename parameter of the Context.FileAttachment function is not properly sanitized. | 4.3 |
| 2023-05-04 | CVE-2023-26125 | Improper Input Validation vulnerability in Gin-Gonic GIN Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. | 7.3 |