VYPR
Vendor

Rack Cors Project

Products
1
CVEs
1
Across products
1
Status
Private

Products

1

Recent CVEs

1
  • CVE-2017-11173HigJul 13, 2017
    risk 0.50cvss 8.8epss 0.02

    Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. If the configuration were intended to allow only the trusted example.com domain name and not the malicious example.net domain name, then…