Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gofiber fiber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22199
This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execut...
Gofiber Django
NA
CVE-2023-45128
Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an malicious user to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can a...
Gofiber Fiber
1 Github repository
NA
CVE-2023-45141
Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an malicious user to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized acti...
Gofiber Fiber
1 Github repository
NA
CVE-2023-41338
Fiber is an Express inspired web framework built in the go language. Versions of gofiber before 2.49.2 did not properly restrict access to localhost. This issue impacts users of our project who rely on the `ctx.IsFromLocal` method to restrict access to localhost requests. If expl...
Gofiber Fiber
5.8
CVSSv2
CVE-2020-15111
In Fiber before version 1.12.6, the filename that is given in c.Attachment() (https://docs.gofiber.io/ctx#attachment) is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With t...
Gofiber Fiber
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started