Vulnerability in Gofiber Fiber

CVE-2025-54801

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the appl…

EPSS: 0.004 (63.3th percentile) — read the EPSS interpretation.

Affected products

Gofiber Fiber — versions < 2.52.9

Weakness classification (CWE)

CWE-789

References

https://github.com/gofiber/fiber/security/advisories/GHSA-qx2q-88mx-vhg7 (x_refsource_CONFIRM)
https://github.com/gofiber/fiber/commit/e115c08b8f059a4a031b492aa9eef0712411853d (x_refsource_MISC)