Lucene search
+L

6 matches found

vulnersosv
vulnersosv
added 2025/08/20 3:31 p.m.7 views

@elysiajs/apollo (>=0.4.3 <=1.0.3), @glowlabs-org/crm-bindings (>=0.0.43 <=0.1.2-alpha.2) +12 more potentially affected by CVE-2025-50864 via @elysiajs/cors (>=0.3.0 <=0.8.0)

@elysiajs/cors NPM version =0.3.0, =0.4.3, =0.0.43, =0.0.1, =0.10.78, =0.1.0, =0.0.1, =1.0.50, =1.0.0, =0.0.21, =1.0.50, =1.0.51 - volter =0.0.0 Source cves: CVE-2025-50864 Source advisory: OSV:GHSA-F9QJ-4C5X-CPCW...

6.5CVSS5.8AI score0.00442EPSS
Exploits0
snyk
snyk
added 2025/08/20 3:31 p.m.3 views

Origin Validation Error

Overview @elysiajs/cors is a Plugin for Elysia that for Cross Origin Requests CORs Affected versions of this package are vulnerable to Origin Validation Error via improper validation in the processOrigin function. An attacker can gain unauthorized access to user data by supplying a malicious orig...

6.9CVSS7AI score0.00442EPSS
Exploits0References2
nvd
nvd
added 2025/08/20 3:15 p.m.6 views

CVE-2025-50864

An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...

6.5CVSS0.00442EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/08/20 12:0 a.m.6 views

CVE-2025-50864

An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...

7.1AI score0.00442EPSS
Exploits0References4
cvelist
cvelist
added 2025/08/20 12:0 a.m.13 views

CVE-2025-50864

An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...

0.00442EPSS
Exploits0References4
osv
osv
added 2025/08/20 12:0 a.m.7 views

CVE-2025-50864

An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...

6.5CVSS5.9AI score0.00442EPSS
Exploits0References6
Rows per page
Query Builder