CVE ID :CVE-2026-45045
Published : July 8, 2026, 7:26 p.m. | 20 minutes ago
Description :Fiber is an Express inspired web framework written in Go. Prior to 3.3.0 and 2.52.14, the BalancerForward proxy helper in middleware/proxy/proxy.go uses Header.Add() instead of Header.Set() when injecting X-Real-IP, allowing an attacker-supplied first X-Real-IP value to be forwarded to upstream servers for logging, rate limiting, and access control. This issue is fixed in version 3.3.0 and 2.52.14.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
from Latest Vulnerabilities https://ift.tt/wtEJnqo
via IFTTT
Published : July 8, 2026, 7:26 p.m. | 20 minutes ago
Description :Fiber is an Express inspired web framework written in Go. Prior to 3.3.0 and 2.52.14, the BalancerForward proxy helper in middleware/proxy/proxy.go uses Header.Add() instead of Header.Set() when injecting X-Real-IP, allowing an attacker-supplied first X-Real-IP value to be forwarded to upstream servers for logging, rate limiting, and access control. This issue is fixed in version 3.3.0 and 2.52.14.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
from Latest Vulnerabilities https://ift.tt/wtEJnqo
via IFTTT