| module: github.com/gofiber/fiber |
| versions: |
| - fixed: v1.12.6-0.20200710202935-a8ad5454363f |
| description: | |
| Due to improper input validation when uploading a file, a malicious user may |
| force the server to return arbitary HTTP headers when the uploaded file |
| is downloaded. |
| published: 2021-04-14T12:00:00Z |
| cve: CVE-2020-15111 |
| credit: Hasibul Hasan and Abdullah Shaleh |
| symbols: |
| - Ctx.Attachment |
| links: |
| pr: github.com/gofiber/fiber/pull/579 |
| commit: https://github.com/gofiber/fiber/commit/a8ad5454363f627c3f9469c56c5faaf1b943f06a |
| context: |
| - https://github.com/gofiber/fiber/security/advisories/GHSA-9cx9-x2gp-9qvh |