Nosurf_project Nosurf

2 CVEs affecting Nosurf_project Nosurf. Latest disclosed: 2025-05-13. Critical: 0, High: 1.

Top CVEs affecting Nosurf_project Nosurf
CVESeverityScorePublishedSummary
CVE-2020-36564High7.52022-12-27Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be…
CVE-2025-46721Medium6.12025-05-13nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on…