Nosurf_project Nosurf
2 CVEs affecting Nosurf_project Nosurf. Latest disclosed: 2025-05-13. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-36564 | High | 7.5 | 2022-12-27 | Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be… |
CVE-2025-46721 | Medium | 6.1 | 2025-05-13 | nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on… |