Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Summary
When using the fiber.Ctx.BodyParser to parse into a struct with range values, a panic occurs when trying to parse a negative range index
Details
fiber.Ctx.BodyParser can map flat data to nested slices using key[idx]value syntax, however when idx is negative, it causes a panic instead of returning an error stating it cannot process the data.
Since this data is user-provided, this could lead to denial of service for anyone relying on this fiber.Ctx.BodyParser functionality
Reproducing
Take a simple GoFiberV2 server which returns a JSON encoded version of the FormData
package main
import (
"encoding/json"
"fmt"
"net/http"
"github.com/gofiber/fiber/v2"
)
type RequestBody struct {
NestedContent []*struct {
Value string `form:"value"`
} `form:"nested-content"`
}
func main() {
app := fiber.New()
app.Post("/", func(c *fiber.Ctx) error {
formData := RequestBody{}
if err := c.BodyParser(&formData); err != nil {
fmt.Println(err)
return c.SendStatus(http.StatusUnprocessableEntity)
}
c.Set("Content-Type", "application/json")
s, _ := json.Marshal(formData)
return c.SendString(string(s))
})
fmt.Println(app.Listen(":3000"))
}
Correct Behaviour
Send a valid request such as:
curl --location 'localhost:3000' \
--form 'nested-content[0].value="Foo"' \
--form 'nested-content[1].value="Bar"'
You recieve valid JSON
{"NestedContent":[{...
CVSS: HIGH (7.7) EPSS Score: 0.05%
May 22nd, 2025 (19 days ago)
|
|
|
Description: Pingora versions prior to 0.5.0 which used the caching functionality in pingora-proxy did not properly drain the downstream request body on cache hits.
This allows an attacker to craft malicious HTTP/1.1 requests which could lead to request smuggling or cache poisoning.
This flaw was corrected in commit fda3317ec822678564d641e7cf1c9b77ee3759ff by ensuring that the downstream request body is always drained before a connection can be reused.
See the blog post for more information.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4366
https://blog.cloudflare.com/resolving-a-request-smuggling-vulnerability-in-pingora
https://github.com/cloudflare/pingora
https://rustsec.org/advisories/RUSTSEC-2025-0037.html
https://github.com/advisories/GHSA-3qmp-g57h-rxf2
CVSS: HIGH (7.4) EPSS Score: 0.04%
May 22nd, 2025 (19 days ago)
|
CVE-2024-41199 |
Description: An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet.
CVSS: HIGH (7.2) EPSS Score: 0.01% SSVC Exploitation: poc
May 22nd, 2025 (19 days ago)
|
|
CVE-2024-40462 |
Description: An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the SETTINGSVATIGATOR.EXE component
CVSS: HIGH (7.8) EPSS Score: 0.01%
May 22nd, 2025 (19 days ago)
|
|
CVE-2024-40461 |
Description: An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the STOCKORDERENTRY.EXE component
CVSS: HIGH (7.8) EPSS Score: 0.01%
May 22nd, 2025 (19 days ago)
|
|
CVE-2024-40460 |
Description: An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the JOBENTRY.EXE
CVSS: HIGH (7.8) EPSS Score: 0.01%
May 22nd, 2025 (19 days ago)
|
|
CVE-2024-40459 |
Description: An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function
CVSS: HIGH (7.8) EPSS Score: 0.01%
May 22nd, 2025 (19 days ago)
|
|
CVE-2024-40458 |
Description: An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.
CVSS: HIGH (7.8) EPSS Score: 0.02%
May 22nd, 2025 (19 days ago)
|
|
CVE-2025-3887 |
Description: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of H265 slice headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26596.
CVSS: HIGH (8.8) EPSS Score: 0.18% SSVC Exploitation: none
May 22nd, 2025 (19 days ago)
|
|
CVE-2025-3882 |
Description: eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of the dest parameter provided to the nwcheckexec.php endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-23114.
CVSS: HIGH (8.8) EPSS Score: 0.13% SSVC Exploitation: none
May 22nd, 2025 (19 days ago)
|