Fiber@* Security Vulnerabilities and Issues — Fiber@* CVE List

Lucene search

GofiberFiber*

3 matches found

CVE•added 2023/09/08 7:15 p.m.•2484 views

CVE-2023-41338

Fiber is an Express inspired web framework built in the go language. Versions of gofiber prior to 2.49.2 did not properly restrict access to localhost. This issue impacts users of our project who rely on the ctx.IsFromLocal method to restrict access to localhost requests. If exploited, it could all...

5.3CVSS5.1AI score0.00334EPSS

CVE•added 2023/10/16 9:15 p.m.•77 views

CVE-2023-45128

Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to injec...

10CVSS9.4AI score0.00072EPSS

CVE•added 2023/10/16 9:15 p.m.•59 views

CVE-2023-45141

Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized actions being taken on the us...

8.8CVSS8.8AI score0.00101EPSS