Exclude github.com/gin-gonic/gin vulnerable to CVE-2020-28483 (!4784) · Merge requests · GitLab.org / gitaly

James Fargher requested to merge gin_cve into master Aug 04, 2022

Fixes https://gitlab.com/gitlab-org/gitaly/-/issues/3629

The affected versions are transitive dependencies of gocloud.dev which is used by gitaly-backup to upload backups to object storage. This feature has not been hooked up to backup.rake.

There is no risk of exploitation.

Edited Aug 04, 2022 by James Fargher

Exclude github.com/gin-gonic/gin vulnerable to CVE-2020-28483

Merge request reports