Lucene search
CVE-2020-36564
Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid
Show more
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | GO-2020-0049 Improper input validation in github.com/justinas/nosurf | 14 Apr 202120:04 | – | osv |
| CVE-2020-36564 | 27 Dec 202222:15 | – | osv |
| GHSA-5X84-Q523-VVWR nosurf vulnerable to improper input validation | 28 Dec 202200:30 | – | osv |
 | CVE-2020-36564 | 27 Dec 202222:15 | – | nvd |
 | Improper Access Control | 19 Jan 202307:41 | – | veracode |
 | Input validation | 27 Dec 202222:15 | – | prion |
 | CVE-2020-36564 Improper input validation in github.com/justinas/nosurf | 27 Dec 202221:13 | – | vulnrichment |
 | CVE-2020-36564 Improper input validation in github.com/justinas/nosurf | 27 Dec 202221:13 | – | cvelist |
 | CVE-2020-36564 | 22 May 202517:36 | – | redhatcve |
 | nosurf vulnerable to improper input validation | 28 Dec 202200:30 | – | github |
10
Node
[
{
"vendor": "github.com/justinas/nosurf",
"product": "github.com/justinas/nosurf",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/justinas/nosurf",
"versions": [
{
"version": "0",
"lessThan": "1.1.1",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "VerifyToken"
},
{
"name": "verifyToken"
},
{
"name": "CSRFHandler.ServeHTTP"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo27 Dec 2022 22:15Current
7.5High risk
Vulners AI Score7.5
CVSS37.5
EPSS0.00073
SSVC