Lucene search
MitreVULNRICHMENT:CVE-2019-25211HistoryJun 28, 2024 - 12:00 a.m.
CVE-2019-25211
2024-06-2800:00:00
mitre
github.com
3
gin-gonic
cors
wildcard
origin
security vulnerability
parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:gin-contrib:cors:*:*:*:*:*:*:*:*"
],
"vendor": "gin-contrib",
"product": "cors",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "1.6.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
osv
osv
CVE-2019-25211
2024-06-29 00:15:02
Gin mishandles a wildcard at the end of an origin string
2024-06-29 06:31:40
ubuntucve
ubuntucve
CVE-2019-25211
2024-06-29 00:00:00
redhatcve
redhatcve
CVE-2019-25211
2024-07-05 05:07:32
cvelist
cvelist
CVE-2019-25211
2024-06-28 00:00:00
github
github
Gin mishandles a wildcard at the end of an origin string
2024-06-29 06:31:40
debiancve
debiancve
CVE-2019-25211
2024-06-29 00:15:02
cve
cve
CVE-2019-25211
2024-06-29 00:15:02
nvd
nvd
CVE-2019-25211
2024-06-29 00:15:02
redhat
redhat
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2019-25211