Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gin-Gonic CORS middleware 安全漏洞
Vulnerability Description
Gin-Gonic CORS middleware是Gin-Gonic开源的一个 Gin 中间件理程序。 Gin-Gonic CORS middleware 1.6.0之前版本存在安全漏洞,该漏洞源于对来源字符串末尾的通配符处理不当。
CVSS Information
N/A
Vulnerability Type
N/A