Github.Com/Gorilla/Handlers · Github.Com/Gorilla/Handlers · CVE-2017-20146
**Name of the Vulnerable Software and Affected Versions**
No specific software or versions are mentioned in the provided descriptions.
**Description**
The issue concerns the usage of the CORS handler, which may apply improper CORS headers. This allows the requester to explicitly control the value of the `Access-Control-Allow-Origin` header, bypassing the expected behavior of the Same Origin Policy. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.