5 matches found
Debian: Security Advisory (DLA-4151-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4151-1] golang-github-gorilla-csrf security update
-------------------------------------------------------------------------- Debian LTS Advisory DLA-4151-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura May 01, 2025 https://wiki.debian.org/LTS -...
Debian dla-4151 : golang-github-gorilla-csrf-dev - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4151 advisory. - -------------------------------------------------------------------------- Debian LTS Advisory DLA-4151-1 [email protected] https://www.debian.org/lts/security...
CVE-2025-24358
gorilla/csrf provides Cross Site Request Forgery CSRF prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes...
CVE-2025-24358 gorilla/csrf CSRF vulnerability due to broken Referer validation
gorilla/csrf provides Cross Site Request Forgery CSRF prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes...