11 matches found

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2025-23882

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 6.4 · EPSS 0.00533
Exploits 0 · References 3

OSV
added 2025/08/06 9:31 p.m. · 3 views

GHSA-VH9X-PHQ6-FX54 Duplicate Advisory: Denial of service via malicious preflight requests in github.com/rs/cors

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-mh55-gqvf-xfwm. This link is maintained to preserve external references. Original Description: Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include ...

CVSS 6.9 · AI score 6.2 · EPSS 0.00533
Exploits 0 · References 5

OSV
added 2025/08/06 9:15 p.m. · 2 views

CVE-2025-47908

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 3

NVD
added 2025/08/06 9:15 p.m. · 5 views

CVE-2025-47908

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

CVSS 7.5 · EPSS 0.00533
Exploits 0 · References 3

OSV
added 2025/08/06 9:15 p.m. · 0 views

UBUNTU-CVE-2025-47908

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

CVSS 7.5 · AI score 6.6 · EPSS 0.00533
Exploits 0 · References 5

Cvelist
added 2025/08/06 8:41 p.m. · 6 views

CVE-2025-47908 Denial of service via malicious preflight requests in github.com/rs/cors

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

EPSS 0.00533
Exploits 0 · References 3

Vulnrichment
added 2025/08/06 8:41 p.m. · 5 views

CVE-2025-47908 Denial of service via malicious preflight requests in github.com/rs/cors

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

AI score 6.3 · EPSS 0.00533
Exploits 0 · References 3

CVE
added 2025/08/06 8:41 p.m. · 27 views

CVE-2025-47908

CVE-2025-47908 affects the Go middleware library github.com/rs/cors. Description in connected advisory confirms a DoS risk: processing malicious preflight requests with an Access-Control-Request-Headers header containing many commas triggers prohibitive heap allocations. Remediation provided by S...

CVSS 7.5 · AI score 6.2 · EPSS 0.00533
Exploits 0 · References 3

Github Security Blog
added 2024/07/05 7:42 p.m. · 11 views

Denial of service via malicious preflight requests in github.com/rs/cors

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...

CVSS 7.5 · AI score 7 · EPSS 0.00533
Exploits 0 · References 6 · Affected Software 1

Positive Technologies
added 2024/07/02 12:0 a.m. · 3 views

PT-2025-32214 · Unknown · Middleware

Name of the Vulnerable Software and Affected Versions: Middleware (affected versions not specified)
Description: The middleware experiences excessive heap allocations when handling malicious preflight requests containing a large number of commas within the Access-Control-Request-Headers (ACRH) header...

CVSS 7.5 · AI score 6.1 · EPSS 0.00533
Exploits 0 · References 17

Cvelist
added 2021/04/15 9:0 p.m. · 17 views

CVE-2021-29431 SSRF in Sydent due to missing validation of hostnames

Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perfor...

CVSS 7.7 · AI score 7.7 · EPSS 0.01194
Exploits 0 · References 7