Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fiber has an Arbitrary File Read in Static Middleware on Windows
Vulnerability Description
Fiber is an Express inspired web framework written in Go. A Path Traversal (CWE-22) vulnerability in Fiber allows a remote attacker to bypass the static middleware sanitizer and read arbitrary files on the server file system on Windows. This affects Fiber v3 through version 3.0.0. This has been patched in Fiber v3 version 3.1.0.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Fiber 路径遍历漏洞
Vulnerability Description
Fiber是Fiber开源的一款使用Go语言编写的开源Web框架。 Fiber v3 3.0.0及之前版本存在路径遍历漏洞,该漏洞源于静态中间件清理器可被绕过,可能导致在Windows服务器文件系统上读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A