NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2019-25211

概要	parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed.
公表日	2024年6月29日9:15
登録日	2024年6月29日16:00
最終更新日	2024年11月21日13:40

関連情報、対策とツール

No	URL	refsource	タグ
1	https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d
2	https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d
3	https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0
4	https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0
5	https://github.com/gin-contrib/cors/pull/106
6	https://github.com/gin-contrib/cors/pull/106
7	https://github.com/gin-contrib/cors/pull/57
8	https://github.com/gin-contrib/cors/pull/57
9	https://github.com/gin-contrib/cors/releases/tag/v1.6.0
10	https://github.com/gin-contrib/cors/releases/tag/v1.6.0

共通脆弱性一覧