Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2025-47908

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.

Published: Aug 6, 2025
Updated: Aug 7, 2025
CVE: CVE-2025-47908
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/rs/cors/issues/170
https://github.com/rs/cors/pull/171
https://pkg.go.dev/vuln/GO-2024-2883

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo