5 matches found
PT-2026-49553
Summary When dispatching a request, HTTPEndpoint selects the handler by lowercasing the HTTP method and looking it up as an attribute with getattr, without restricting the lookup to a known set of HTTP verbs. When an HTTPEndpoint subclass is registered through Route... without an explicit methods...
SUSE CVE-2026-25882
Fiber is an Express inspired web framework written in Go. A denial of service vulnerability exists in Fiber v2 and v3 that allows remote attackers to crash the application by sending requests to routes with more than 30 parameters. The vulnerability results from missing validation during route...
Improper Validation of Array Index
Overview github.com/gofiber/fiber/v3 is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Improper Validation of Array Index via the route registration process. An attacker can cause the application to crash by sending requests to routes containi...
Improper Validation of Array Index
Overview github.com/gofiber/fiber is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Improper Validation of Array Index via the route registration process. An attacker can cause the application to crash by sending requests to routes containing...
Improper Validation of Array Index
Overview github.com/gofiber/fiber/v2 is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Improper Validation of Array Index via the route registration process. An attacker can cause the application to crash by sending requests to routes containi...