[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-47908":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":15,"downstream":16,"duplicates":29,"related":30,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":106,"kevs":138,"epss":139,"epss_history":142,"metrics":413,"affected":421},"CVE-2025-47908","Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.",null,[],[],[13,14],"GHSA-mh55-gqvf-xfwm","GO-2024-2883",[],[17,19,21,23,25,27],{"_key":18},"SUSE-SU-2025:3817-1",{"_key":20},"SUSE-SU-2025:3819-1",{"_key":22},"SUSE-SU-2025:4457-1",{"_key":24},"SUSE-SU-2025:4481-1",{"_key":26},"OPENSUSE-SU-2025:15424-1",{"_key":28},"UBUNTU-CVE-2025-47908",[],[31,32,33,34,35,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":18},{"_key":20},{"_key":22},{"_key":24},{"_key":26},{"_key":37},"CGA-2CH7-FPQW-WXM7",{"_key":39},"CGA-4HH3-XJ9V-M5PF",{"_key":41},"CGA-4Q8P-R7FW-X2QH",{"_key":43},"CGA-6392-2G9C-5XGW",{"_key":45},"CGA-68F4-CRV2-QX4H",{"_key":47},"CGA-6WWQ-7WQ7-4QC2",{"_key":49},"CGA-8W8P-XQ8V-22M7",{"_key":51},"CGA-9WX6-3XGP-F745",{"_key":53},"CGA-9X5Q-52QG-W96R",{"_key":55},"CGA-CCPC-45G2-49V8",{"_key":57},"CGA-F23V-GR4G-85G6",{"_key":59},"CGA-F9HW-WVC7-V8XJ",{"_key":61},"CGA-GPWC-7F5F-8M65",{"_key":63},"CGA-J6C8-QGXX-V95P",{"_key":65},"CGA-J7H3-V37V-34MR",{"_key":67},"CGA-JFWP-XGW2-88XX",{"_key":69},"CGA-M9GQ-993H-72V7",{"_key":71},"CGA-MP77-8XXR-PJ7F",{"_key":73},"CGA-MPFC-JX36-46XH",{"_key":75},"CGA-VC2M-GVQX-PVQX",{"_key":77},"CGA-W44M-H73Q-77VH",{"_key":79},"CGA-W6MF-RXG5-J7GH",{"_key":81},"CGA-W773-CXF8-CJQ6",{"_key":83},"CGA-W8G5-JPW3-R6WC",{"_key":85},"CGA-X3C7-GRH6-85JM",{"_key":87},"CGA-X55W-43WH-72R3",{"_key":89},"CGA-XJ7Q-H26W-WFXC",{"_key":91},"CGA-XP5F-FH8M-3GQR",{"_key":93},"CGA-GCMV-PXRJ-3X4W","2025-08-06T20:41:31.311Z","2025-08-07T13:47:15.232Z","Deferred",{"cisa_kev":98,"cisa_ransomware":98,"cisa_vendor":9,"epss_severity":99,"epss_score":100,"severity":101,"severity_score":102,"severity_version":103,"severity_source":104,"severity_vector":105,"severity_status":96},false,"low",0.00378,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[107,115,120,124,129,133],{"url":108,"sources":109,"tags":112},"https://github.com/rs/cors/pull/171",[104,110,111],"nvd","osv_go",[113,114],"WEB","FIX",{"url":116,"sources":117,"tags":118},"https://github.com/rs/cors/issues/170",[104,110,111],[113,119],"REPORT",{"url":121,"sources":122,"tags":123},"https://pkg.go.dev/vuln/GO-2024-2883",[104,110,111],[113],{"url":125,"sources":126,"tags":127},"https://nvd.nist.gov/vuln/detail/CVE-2025-47908",[111],[128],"Advisory",{"url":130,"sources":131,"tags":132},"https://github.com/rs/cors/commit/4c32059b2756926619f6bf70281b91be7b5dddb2",[111],[113],{"url":134,"sources":135,"tags":136},"https://github.com/rs/cors",[111],[137],"PACKAGE",[],{"date":140,"score":100,"percentile":141},"2026-06-05",0.59671,[143,147,150,153,156,159,162,165,168,170,173,176,179,182,185,188,191,194,197,200,202,205,208,211,214,217,220,223,226,229,232,235,238,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,286,289,292,295,298,301,304,307,309,312,315,318,322,326,329,332,335,338,341,344,347,350,353,356,360,363,366,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410],{"date":144,"score":145,"percentile":146},"2025-11-04",0.00056,0.17548,{"date":148,"score":145,"percentile":149},"2025-11-05",0.17567,{"date":151,"score":145,"percentile":152},"2025-11-06",0.17537,{"date":154,"score":145,"percentile":155},"2025-11-07",0.17556,{"date":157,"score":145,"percentile":158},"2025-11-08",0.17558,{"date":160,"score":145,"percentile":161},"2025-11-09",0.17531,{"date":163,"score":145,"percentile":164},"2025-11-10",0.17497,{"date":166,"score":145,"percentile":167},"2025-11-11",0.17517,{"date":169,"score":145,"percentile":155},"2025-11-12",{"date":171,"score":145,"percentile":172},"2025-11-13",0.17583,{"date":174,"score":145,"percentile":175},"2025-11-14",0.1758,{"date":177,"score":145,"percentile":178},"2025-11-15",0.17543,{"date":180,"score":145,"percentile":181},"2025-11-16",0.17508,{"date":183,"score":145,"percentile":184},"2025-11-17",0.17474,{"date":186,"score":145,"percentile":187},"2025-11-18",0.13123,{"date":189,"score":145,"percentile":190},"2025-11-19",0.13141,{"date":192,"score":145,"percentile":193},"2025-11-20",0.13158,{"date":195,"score":145,"percentile":196},"2025-11-21",0.17491,{"date":198,"score":145,"percentile":199},"2025-11-22",0.17505,{"date":201,"score":145,"percentile":184},"2025-11-23",{"date":203,"score":145,"percentile":204},"2025-11-24",0.17438,{"date":206,"score":145,"percentile":207},"2025-11-25",0.17428,{"date":209,"score":145,"percentile":210},"2025-11-26",0.17423,{"date":212,"score":145,"percentile":213},"2025-11-27",0.17429,{"date":215,"score":145,"percentile":216},"2025-11-28",0.17415,{"date":218,"score":145,"percentile":219},"2025-11-29",0.17397,{"date":221,"score":145,"percentile":222},"2025-11-30",0.17401,{"date":224,"score":145,"percentile":225},"2025-12-01",0.17443,{"date":227,"score":145,"percentile":228},"2025-12-02",0.17453,{"date":230,"score":145,"percentile":231},"2025-12-03",0.17462,{"date":233,"score":145,"percentile":234},"2025-12-04",0.17425,{"date":236,"score":145,"percentile":237},"2025-12-05",0.17472,{"date":239,"score":240,"percentile":241},"2025-12-06",0.00128,0.32902,{"date":243,"score":240,"percentile":244},"2025-12-07",0.32879,{"date":246,"score":240,"percentile":247},"2025-12-08",0.32888,{"date":249,"score":240,"percentile":250},"2025-12-09",0.32936,{"date":252,"score":240,"percentile":253},"2025-12-10",0.32995,{"date":255,"score":240,"percentile":256},"2025-12-11",0.33021,{"date":258,"score":240,"percentile":259},"2025-12-12",0.33053,{"date":261,"score":240,"percentile":262},"2025-12-13",0.33036,{"date":264,"score":240,"percentile":265},"2025-12-14",0.33012,{"date":267,"score":240,"percentile":268},"2025-12-15",0.32963,{"date":270,"score":240,"percentile":271},"2025-12-16",0.32987,{"date":273,"score":240,"percentile":274},"2025-12-17",0.33045,{"date":276,"score":240,"percentile":277},"2025-12-18",0.33095,{"date":279,"score":240,"percentile":280},"2025-12-19",0.3312,{"date":282,"score":240,"percentile":283},"2025-12-20",0.33103,{"date":285,"score":240,"percentile":274},"2025-12-21",{"date":287,"score":240,"percentile":288},"2025-12-22",0.33015,{"date":290,"score":240,"percentile":291},"2025-12-23",0.3301,{"date":293,"score":240,"percentile":294},"2025-12-24",0.33004,{"date":296,"score":240,"percentile":297},"2025-12-25",0.33071,{"date":299,"score":240,"percentile":300},"2025-12-26",0.33056,{"date":302,"score":240,"percentile":303},"2025-12-27",0.33062,{"date":305,"score":240,"percentile":306},"2025-12-28",0.32968,{"date":308,"score":240,"percentile":250},"2025-12-29",{"date":310,"score":240,"percentile":311},"2025-12-30",0.32931,{"date":313,"score":240,"percentile":314},"2025-12-31",0.3298,{"date":316,"score":240,"percentile":317},"2026-01-01",0.33127,{"date":319,"score":320,"percentile":321},"2026-01-02",0.0009,0.26104,{"date":323,"score":324,"percentile":325},"2026-01-03",0.00086,0.25455,{"date":327,"score":324,"percentile":328},"2026-01-04",0.25357,{"date":330,"score":324,"percentile":331},"2026-01-05",0.25338,{"date":333,"score":324,"percentile":334},"2026-01-06",0.25346,{"date":336,"score":324,"percentile":337},"2026-01-07",0.25374,{"date":339,"score":324,"percentile":340},"2026-01-08",0.25419,{"date":342,"score":324,"percentile":343},"2026-01-09",0.25398,{"date":345,"score":324,"percentile":346},"2026-01-10",0.25376,{"date":348,"score":324,"percentile":349},"2026-01-11",0.25353,{"date":351,"score":324,"percentile":352},"2026-01-12",0.25309,{"date":354,"score":324,"percentile":355},"2026-01-13",0.25286,{"date":357,"score":358,"percentile":359},"2026-01-14",0.00103,0.28832,{"date":361,"score":358,"percentile":362},"2026-01-15",0.28834,{"date":364,"score":358,"percentile":365},"2026-01-16",0.28863,{"date":367,"score":358,"percentile":365},"2026-01-17",{"date":369,"score":358,"percentile":370},"2026-01-18",0.2881,{"date":372,"score":358,"percentile":373},"2026-01-19",0.28774,{"date":375,"score":358,"percentile":376},"2026-01-20",0.28757,{"date":378,"score":358,"percentile":379},"2026-01-21",0.28697,{"date":381,"score":358,"percentile":382},"2026-01-22",0.2867,{"date":384,"score":358,"percentile":385},"2026-01-23",0.28746,{"date":387,"score":358,"percentile":388},"2026-01-24",0.28732,{"date":390,"score":358,"percentile":391},"2026-01-25",0.28653,{"date":393,"score":358,"percentile":394},"2026-01-26",0.28568,{"date":396,"score":358,"percentile":397},"2026-01-27",0.28548,{"date":399,"score":358,"percentile":400},"2026-01-28",0.28535,{"date":402,"score":358,"percentile":403},"2026-01-29",0.2849,{"date":405,"score":358,"percentile":406},"2026-01-30",0.2848,{"date":408,"score":358,"percentile":409},"2026-01-31",0.28481,{"date":411,"score":358,"percentile":412},"2026-02-01",0.28551,[414,419],{"source":104,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":415,"cvss_v4_0":9},{"baseScore":102,"baseSeverity":416,"vectorString":105,"impactScore":417,"exploitabilityScore":418},"HIGH",6,10,{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":420,"cvss_v4_0":9},{"baseScore":102,"baseSeverity":416,"vectorString":105,"impactScore":417,"exploitabilityScore":418},[422,433],{"ecosystem":9,"name":423,"vendor":423,"product":423,"cpe_part":424,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":425},"github.com/rs/cors","a",[426],{"version":427,"is_range":428,"range_type":104,"version_start":429,"version_start_type":430,"version_end":431,"version_end_type":432,"fixed_in":9},">= 1.9.0, \u003C 1.11.0",true,"1.9.0","including","1.11.0","excluding",{"ecosystem":434,"name":423,"vendor":435,"product":436,"cpe_part":9,"purl_type":437,"purl_namespace":435,"purl_name":436,"source":9,"versions":438},"Go","github.com/rs","cors","golang",[439],{"version":440,"is_range":428,"range_type":441,"version_start":429,"version_start_type":430,"version_end":431,"version_end_type":432,"fixed_in":9},"gte1_9_0_lt1_11_0","semver"]