CNNVD-202602-1330 Information

CNNVD ID

CNNVD-202602-1330

Related CVE

CVE-2025-66630

• CNNVD Published: 2026-02-09

Description (Chinese)

Fiber是Fiber开源的一款使用Go语言编写的开源Web框架。 Fiber 2.52.11之前版本存在安全特征问题漏洞，该漏洞源于UUID函数未返回错误，可能导致在安全关键路径中使用可预测或低熵标识符。

Description (English)

Fiber is an open-source Web framework in Go language. The previous version of Fiber 2.52.11 had a security feature loophole, which stemmed from the fact that the UUID function did not return an error, which could lead to the use of a predictable or low entropy identifier in a security critical path.

Vulnerability Type

安全特征问题

Affected Vendor

Fiber

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/gofiber/fiber/commit/eb874b6f6c5896b968d9b0ab2b56ac7052cb0ee1 https://github.com/gofiber/fiber/releases/tag/v2.52.11 https://github.com/gofiber/fiber/security/advisories/GHSA-68rr-p4fp-j59v

Patch

https://gofiber.io/