Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow
Vulnerability Description
Fiber is an Express inspired web framework written in Go. A denial of service vulnerability exists in Fiber v2 and v3 that allows remote attackers to crash the application by sending requests to routes with more than 30 parameters. The vulnerability results from missing validation during route registration combined with an unbounded array write during request matching. Version 2.52.12 patches the issue in the v2 branch and 3.1.0 patches the issue in the v3 branch.
CVSS Information
N/A
Vulnerability Type
对数组索引的验证不恰当
Vulnerability Title
Fiber 安全漏洞
Vulnerability Description
Fiber是Fiber开源的一款使用Go语言编写的开源Web框架。 Fiber v2 2.52.12之前版本和v3 3.1.0之前版本存在安全漏洞,该漏洞源于路由注册期间缺少验证以及请求匹配期间存在无界数组写入,可能导致应用程序崩溃和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A