Количество 9
Количество 9
GHSA-8pjc-487g-w6p2
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern me ...
SUSE-SU-2025:03525-1
Security update for go1.25-openssl
SUSE-SU-2025:03524-1
Security update for go1.25-openssl
SUSE-SU-2025:03200-1
Security update for go1.25
BDU:2025-11599
Уязвимость языка программирования Go, связанная с неправильной проверкой входных данных, позволяющая нарушителю обойти существующие ограничения безопасности
ROS-20251014-11
Уязвимость golang
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-8pjc-487g-w6p2 When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections. | CVSS3: 5.4 | 0% Низкий | 2 месяца назад |
 | CVE-2025-47910 When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections. | CVSS3: 5.4 | 0% Низкий | 2 месяца назад |
 | CVE-2025-47910 When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections. | CVSS3: 5.4 | 0% Низкий | 2 месяца назад |
| CVE-2025-47910 When using http.CrossOriginProtection, the AddInsecureBypassPattern me ... | CVSS3: 5.4 | 0% Низкий | 2 месяца назад |
 | SUSE-SU-2025:03525-1 Security update for go1.25-openssl | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:03524-1 Security update for go1.25-openssl | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:03200-1 Security update for go1.25 | 0% Низкий | 3 месяца назад | |
 | BDU:2025-11599 Уязвимость языка программирования Go, связанная с неправильной проверкой входных данных, позволяющая нарушителю обойти существующие ограничения безопасности | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
 | ROS-20251014-11 Уязвимость golang | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу