CVE-2025-48075 Fiber panics when fiber.Ctx.BodyParser parses invalid range index

Fiber is an Express-inspired web framework written in Go. Starting in version 2.52.6 and prior to version 2.52.7, fiber.Ctx.BodyParser can map flat data to nested slices using keyidxvalue syntax, but when idx is negative, it causes a panic instead of returning an error stating it cannot process t...

CVE-2025-48075 Fiber panics when fiber.Ctx.BodyParser parses invalid range index

Fiber is an Express-inspired web framework written in Go. Starting in version 2.52.6 and prior to version 2.52.7, fiber.Ctx.BodyParser can map flat data to nested slices using keyidxvalue syntax, but when idx is negative, it causes a panic instead of returning an error stating it cannot process t...

PT-2025-22526 · Fiber · Fiber

Name of the Vulnerable Software and Affected Versions: Fiber versions 2.52.6 through 2.52.6 Description: The issue affects the fiber.Ctx.BodyParser functionality, which can map flat data to nested slices using keyidxvalue syntax. However, when idx is negative, it causes a panic instead of returni...

http-proxy-middleware allows fixRequestBody to proceed even if bodyParser has failed

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed...

CVE-2025-32997

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed...

http-proxy-middleware 安全漏洞

http-proxy-middleware is a Node.js http proxy middleware for connect, express, next.js, etc. by Steven Chim Personal Developer. A security vulnerability exists in http-proxy-middleware versions prior to 2.0.9 and prior to 3.0.5, which stems from the bodyParser failing and continuing to process...

CVE-2025-32997

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed...

CVE-2025-32997

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed...