Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update module github.com/rs/cors to v1.11.0 [security] #37

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Aug 6, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/rs/cors v1.10.1 -> v1.11.0 age adoption passing confidence

GitHub Vulnerability Alerts

GHSA-mh55-gqvf-xfwm

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.


Release Notes

rs/cors (github.com/rs/cors)

v1.11.0

Compare Source

@renovate renovate bot changed the title fix(deps): update module github.com/rs/cors to v1.11.0 [security] fix(deps): update module github.com/rs/cors to v1.11.0 [security] - autoclosed Dec 17, 2024
@renovate renovate bot closed this Dec 17, 2024
@renovate renovate bot deleted the renovate/go-github.com-rs-cors-vulnerability branch December 17, 2024 12:04
@renovate renovate bot changed the title fix(deps): update module github.com/rs/cors to v1.11.0 [security] - autoclosed fix(deps): update module github.com/rs/cors to v1.11.0 [security] Dec 17, 2024
@renovate renovate bot reopened this Dec 17, 2024
@renovate renovate bot force-pushed the renovate/go-github.com-rs-cors-vulnerability branch from 43e7c10 to 870f0fb Compare December 17, 2024 17:29
@renovate renovate bot changed the title fix(deps): update module github.com/rs/cors to v1.11.0 [security] fix(deps): update module github.com/rs/cors to v1.11.0 [security] - autoclosed Dec 18, 2024
@renovate renovate bot closed this Dec 18, 2024
@renovate renovate bot changed the title fix(deps): update module github.com/rs/cors to v1.11.0 [security] - autoclosed fix(deps): update module github.com/rs/cors to v1.11.0 [security] Dec 18, 2024
@renovate renovate bot reopened this Dec 18, 2024
@renovate renovate bot force-pushed the renovate/go-github.com-rs-cors-vulnerability branch from 3ae093f to 870f0fb Compare December 18, 2024 05:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants