CNNVD-202508-412 Information

CNNVD ID

CNNVD-202508-412

Related CVE

CVE-2025-54801

• CNNVD Published: 2025-08-06

Description (Chinese)

Fiber是Fiber开源的一款使用Go语言编写的开源Web框架。 Fiber 2.52.8及之前版本存在安全漏洞，该漏洞源于未验证切片索引范围，可能导致整数溢出或内存耗尽。

Description (English)

Fiber is an open-source Web framework in Go language. The Fiber 2.52.8 and previous versions had a security loophole, which stemmed from the unverified scope of the slice index, which could result in an integer spill or depletion of memory.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Fiber

Published

2025-08-06

Last Modified

2026-02-24

References

https://github.com/gofiber/fiber/commit/e115c08b8f059a4a031b492aa9eef0712411853d https://github.com/gofiber/fiber/security/advisories/GHSA-qx2q-88mx-vhg7

Patch

https://github.com/gofiber/fiber/releases