/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-7jmr-4jxx-578g

Published

Last updated

https://images.chainguard.dev/security/CGA-7jmr-4jxx-578g
Package

grafana-10.4

RepositoryWolfi
Latest Update
Under investigation
Aliases
  • GHSA-mh55-gqvf-xfwm

Severity

Unknown

Summary

Denial of service via malicious preflight requests in github.com/rs/cors

Description

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs