Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,039
Maven
5,000+
npm
4,779
NuGet
824
pip
4,380
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow Moderate
CVE-2026-25882 was published for github.com/gofiber/fiber/v2 (Go) Feb 24, 2026
sixcolors Credited to sixcolors, TheAspectDev, gaby, and ReneWerner87 TheAspectDev TheAspectDev
gaby gaby ReneWerner87 ReneWerner87
Fiber panics when fiber.Ctx.BodyParser parses invalid range index High
CVE-2025-48075 was published for github.com/gofiber/fiber/v2 (Go) May 22, 2025
Batleram Credited to Batleram, sixcolors, efectn, ReneWerner87, and gaby sixcolors sixcolors
efectn efectn ReneWerner87 ReneWerner87 gaby gaby
Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials Critical
CVE-2024-25124 was published for github.com/gofiber/fiber/v2 (Go) Feb 22, 2024
gaby Credited to gaby, sixcolors, and ReneWerner87 sixcolors sixcolors
ReneWerner87 ReneWerner87
Go Fiber CSRF Token Validation Vulnerability High
CVE-2023-45141 was published for github.com/gofiber/fiber/v2 (Go) Oct 17, 2023
sixcolors Credited to sixcolors, ReneWerner87, gaby, and rosenblueh ReneWerner87 ReneWerner87
gaby gaby rosenblueh rosenblueh
Django Template Engine Vulnerable to XSS Critical
CVE-2024-22199 was published for github.com/gofiber/template/django/v3 (Go) Jan 11, 2024
bastianwegge Credited to bastianwegge, sixcolors, gaby, ReneWerner87, and efectn sixcolors sixcolors
gaby gaby ReneWerner87 ReneWerner87 efectn efectn
CSRF Token Reuse Vulnerability Critical
CVE-2023-45128 was published for github.com/gofiber/fiber/v2 (Go) Oct 17, 2023
rere61 Credited to rere61, sixcolors, the-hotmann, gaby, efectn, and ReneWerner87 sixcolors sixcolors
the-hotmann the-hotmann gaby gaby efectn efectn ReneWerner87 ReneWerner87
Fiber unauthorized access vulnerability in `ctx.IsFromLocal()` Moderate
CVE-2023-41338 was published for github.com/gofiber/fiber (Go) Sep 8, 2023
schicho Credited to schicho, gaby, efectn, jozsefsallai, and ReneWerner87 gaby gaby
efectn efectn jozsefsallai jozsefsallai ReneWerner87 ReneWerner87
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database