9 matches found
CVE-2026-37737
sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
CVE-2026-37737
sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
PT-2026-46962
sanic-cors version 2.2.0 and prior contains an improper regular expression in the try match function in sanic cors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
EUVD-2026-34844
sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
CVE-2026-37737
sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
CVE-2026-37737
sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...
CVE-2026-37737
Sanic-Cors 2.2.0 and earlier versions contain an improper regular expression in the try_match() function of sanic_cors/core.py that uses re.match without end anchoring. This allows bypassing CORS origin allowlists by registering a domain that starts with a trusted origin string, leading to unauth...
rsanic (>=0.1.1 <=0.4.0), sanic-cors (>=0.4.1 <=0.4.1.4) +1 more potentially affected by CVE-2017-16762 via sanic (>=0.3.1 <=0.5.0)
sanic PYPI version =0.3.1, =0.1.1, =0.4.1, =0.5.0, =0.5.0.1 Source cves: CVE-2017-16762 Source advisory: OSV:GHSA-MPMF-HR8P-P49G...
rsanic (>=0.1.1 <=0.4.0), sanic-cors (>=0.4.1 <=0.4.1.4) +1 more potentially affected by CVE-2017-16762 via sanic (>=0.3.1 <=0.5.0)
sanic PYPI version =0.3.1, =0.1.1, =0.4.1, =0.5.0, =0.5.0.1 Source cves: CVE-2017-16762 Source advisory: OSV:PYSEC-2017-40...