blob: a72a3cd0803d2045f441b3fa4d72ebc80b125607 [file] [log] [blame]
module: github.com/gofiber/fiber
versions:
- fixed: v1.12.6-0.20200710202935-a8ad5454363f
description: |
Due to improper input validation when uploading a file, a malicious user may
force the server to return arbitary HTTP headers when the uploaded file
is downloaded.
published: 2021-04-14T12:00:00Z
cve: CVE-2020-15111
credit: Hasibul Hasan and Abdullah Shaleh
symbols:
- Ctx.Attachment
links:
pr: github.com/gofiber/fiber/pull/579
commit: https://github.com/gofiber/fiber/commit/a8ad5454363f627c3f9469c56c5faaf1b943f06a
context:
- https://github.com/gofiber/fiber/security/advisories/GHSA-9cx9-x2gp-9qvh