Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-47908
Awaiting Analysis
More InfoOfficial Page
Source-security@golang.org
View Known Exploited Vulnerability (KEV) details
Published At-06 Aug, 2025 | 21:15
Updated At-07 Aug, 2025 | 21:26

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/rs/cors/issues/170security@golang.org
N/A
https://github.com/rs/cors/pull/171security@golang.org
N/A
https://pkg.go.dev/vuln/GO-2024-2883security@golang.org
N/A
Change History
0Changes found
Details not found