reports/GO-2020-0049.yaml - vulndb - Git at Google

 module: github.com/justinas/nosurf
 versions:
 - fixed: v1.1.1
 description: |
   [`VerifyToken`] can be bypassed if the expected token contains malformed Base64.
 published: 2021-04-14T12:00:00Z
 credit: '@aeneasr'
 symbols:
 - VerifyToken
 - verifyToken
 links:
   pr: https://github.com/justinas/nosurf/pull/60
   commit: https://github.com/justinas/nosurf/commit/4d86df7a4affa1fa50ab39fb09aac56c3ce9c314
	module: github.com/justinas/nosurf
	versions:
	- fixed: v1.1.1
	description: \|
	[`VerifyToken`] can be bypassed if the expected token contains malformed Base64.
	published: 2021-04-14T12:00:00Z
	credit: '@aeneasr'
	symbols:
	- VerifyToken
	- verifyToken
	links:
	pr: https://github.com/justinas/nosurf/pull/60
	commit: https://github.com/justinas/nosurf/commit/4d86df7a4affa1fa50ab39fb09aac56c3ce9c314