Описание
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | code not present |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| esm-apps/xenial | needed | |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
9.8 Critical
CVSS3
Связанные уязвимости
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
Usage of the CORS handler may apply improper CORS headers, allowing th ...
gorilla/handlers may allow requester to bypass expected behavior of the Same Origin Policy
9.8 Critical
CVSS3