Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gofiber fiber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22199
This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execut...
Gofiber Django
NA
CVE-2023-45128
Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an malicious user to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can a...
Gofiber Fiber
1 Github repository
NA
CVE-2023-45141
Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an malicious user to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized acti...
Gofiber Fiber
1 Github repository
NA
CVE-2023-41338
Fiber is an Express inspired web framework built in the go language. Versions of gofiber before 2.49.2 did not properly restrict access to localhost. This issue impacts users of our project who rely on the `ctx.IsFromLocal` method to restrict access to localhost requests. If expl...
Gofiber Fiber
516
VMScore
CVE-2020-15111
In Fiber before version 1.12.6, the filename that is given in c.Attachment() (https://docs.gofiber.io/ctx#attachment) is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With t...
Gofiber Fiber
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started