CVE-2025-47908
Denial of service via malicious preflight requests in github.com/rs/cors
Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
github.com/rs/cors · github.com/rs/cors¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →