Skip to content

Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Critical severity GitHub Reviewed Published Dec 7, 2025 in gofiber/utils • Updated Dec 8, 2025

Package

gomod github.com/gofiber/utils (Go)

Affected versions

<= 1.2.0

Patched versions

None
gomod github.com/gofiber/utils/v2 (Go)
< 2.0.0-rc.3.0.20251205210924-6c6cf047032b
2.0.0-rc.4

Description

Summary

Critical security vulnerabilities exist in both the UUIDv4() and UUID() functions of the github.com/gofiber/utils package. When the system's cryptographic random number generator (crypto/rand) fails, both functions silently fall back to returning predictable UUID values, including the zero UUID "00000000-0000-0000-0000-000000000000". This compromises the security of all Fiber applications using these functions for security-critical operations.

Both functions are vulnerable to the same root cause (crypto/rand failure):

  • UUIDv4(): Indirect vulnerability through uuid.NewRandom()crypto/rand.Read() → fallback to UUID()
  • UUID(): Direct vulnerability through crypto/rand.Read(uuidSeed[:]) → silent zero UUID return

Vulnerability Details

Affected Functions

  • Package: github.com/gofiber/utils
  • Functions: UUIDv4() and UUID()
  • Return Type: string (both functions)
  • Locations: common.go:93-99 (UUIDv4), common.go:60-89 (UUID)

Technical Description

The vulnerability occurs through two related but distinct failure paths, both ultimately caused by crypto/rand.Read() failures:

Primary Path: UUIDv4() Vulnerability

  1. UUIDv4() calls google/uuid.NewRandom() which internally uses crypto/rand.Read()
  2. If uuid.NewRandom() fails due to entropy exhaustion, UUIDv4() falls back to the internal UUID() function
  3. No error is returned to the application - silent security failure occurs

Secondary Path: UUID() Vulnerability

  1. UUID() directly calls crypto/rand.Read(uuidSeed[:]) to seed its internal state
  2. If seeding fails, UUID() silently fails and returns the zero UUID "00000000-0000-0000-0000-000000000000"
  3. Applications receive predictable UUIDs with no indication of the security failure

Both functions are vulnerable to the same root cause (crypto/rand failure):

  • UUIDv4(): Indirect vulnerability through uuid.NewRandom()crypto/rand.Read() → fallback to UUID()
  • UUID(): Direct vulnerability through crypto/rand.Read(uuidSeed[:]) → silent zero UUID return

Code Analysis

UUIDv4() Vulnerability Path

// Vulnerable code in UUIDv4() - Indirect rand.Read() failure
func UUIDv4() string {
	token, err := uuid.NewRandom()  // Uses crypto/rand.Read() internally
	if err != nil {
		return UUID()  // Dangerous fallback - no error returned to application
	}
	return token.String()
}

UUID() Vulnerability Path

// Vulnerable fallback function UUID() - Direct rand.Read() failure
func UUID() string {
	uuidSetup.Do(func() {
		if _, err := rand.Read(uuidSeed[:]); err != nil {  // Direct crypto/rand.Read() call
			return  // Silent failure - no seeding, uuidCounter remains 0
		}
		uuidCounter = binary.LittleEndian.Uint64(uuidSeed[:8])
	})
	if atomic.LoadUint64(&uuidCounter) <= 0 {
		return "00000000-0000-0000-0000-000000000000"  // Zero UUID returned silently
	}
	// ... generate UUID from counter
}

Root Cause: Both vulnerabilities stem from crypto/rand.Read() failures, but occur through different code paths with the same dangerous silent failure behavior.

Security Impact

Severity: CRITICAL

This issue is especially severe because many Fiber middleware packages (session, CSRF, auth, rate-limit, request-ID, etc.) default to utils.UUIDv4() for generating security-sensitive identifiers. A failure in crypto/rand would cause every generated identifier across the entire application to collapse to a single predictable value (often the zero UUID), resulting in:

  • Session fixation / universal session hijack
  • CSRF token predictability and bypass
  • Authentication token replay
  • Global identifier collisions leading to severe application breakage
  • Potential application-wide DoS due to every request using the same “unique” key, causing cache overwrites, session stomping, corrupted internal maps, and loss of isolation across all users

Attack Scenario

Importantly, while true entropy exhaustion is extremely rare on modern Linux systems, entropy access failures (e.g., restricted /dev/random//dev/urandom access, broken container environments, sandbox restrictions, misconfigured VMs, or FIPS-mode RNG failures) are more realistic failure modes. In these scenarios, crypto/rand may return errors immediately — triggering the vulnerable fallback paths.

Real-World Impact

  • Session fixation or hijacking (predictable session IDs)
  • CSRF token forging or bypass
  • Authentication replay / token prediction
  • Potential denial-of-service (DoS) key-based structures (sessions, rate-limits, caches, CSRF token stores) collapse into a single shared key if the zero UUID is returned, causing widespread overwrite, lock contention, or state corruption
  • Request-ID collisions, undermining logging and trace integrity
  • General compromise of confidentiality, integrity, and authorization logic relying on UUIDs for uniqueness or secrecy

Proof of Concept

The vulnerability can be demonstrated by examining the fallback behavior in the source code. When crypto/rand fails:

  1. uuid.NewRandom() fails (indirect crypto/rand.Read() failure)
  2. UUIDv4() calls UUID() as fallback with no error returned
  3. UUID() seeding fails directly via crypto/rand.Read(uuidSeed[:])
  4. Zero UUID "00000000-0000-0000-0000-000000000000" is returned silently
  5. No error is propagated to the application from either function

Both UUIDv4() and UUID() exhibit the same dangerous silent failure behavior when crypto/rand is unavailable.

Affected Versions

  • All versions of github.com/gofiber/utils containing the UUIDv4() function
  • Applications using Fiber middleware that depend on UUIDv4() for security

Mitigation

Immediate Workaround

Replace usage of utils.UUIDv4() with uuid.New() or wait for fix:

// Instead of:
sessionID := utils.UUIDv4()

// Use:
sessionID := uuid.New()

Recommended Fix

Modify utils.UUIDv4() and utils.UUID()to fail explicitly when cryptographic randomness is unavailable:

func UUIDv4() string {
	token, err := uuid.NewRandom()
	if err != nil {
		panic(fmt.Sprintf("utils: failed to generate secure UUID: %v", err))
	}
	return token.String()
}
func UUID() string {
    uuidSetup.Do(func() {
        if _, err := rand.Read(uuidSeed[:]); err != nil {
            panic(fmt.Sprintf("utils: failed to seed UUID generator: %v", err))
        }
        uuidCounter = binary.LittleEndian.Uint64(uuidSeed[:8])
    })
    if atomic.LoadUint64(&uuidCounter) <= 0 {
        panic("utils: UUID generator not properly seeded")
    }
    // ... generate UUID from counter
}

Detection

Applications can detect if they're affected by:

  1. Checking if they use github.com/gofiber/utils package
  2. Searching for UUIDv4() usage in security-critical code paths
  3. Reviewing middleware configurations that use UUIDv4 as defaults

or

  1. Checking to see if any Fiber middleware is used that relies on defaults of UUIDv4() for security identifiers.

Contact

Reported by: @sixcolors

Classification

  • OWASP: A02:2021 - Cryptographic Failures
  • Impact: Complete compromise of application security model
  • Exploitability: Medium (requires entropy exhaustion)
  • Scope: All Fiber applications using affected middleware

References

@ReneWerner87 ReneWerner87 published to gofiber/utils Dec 7, 2025
Published to the GitHub Advisory Database Dec 8, 2025
Reviewed Dec 8, 2025
Last updated Dec 8, 2025

Severity

Critical

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v4 base metrics

Exploitability Metrics
Attack Vector Network
Attack Complexity High
Attack Requirements None
Privileges Required None
User interaction None
Vulnerable System Impact Metrics
Confidentiality High
Integrity High
Availability Low
Subsequent System Impact Metrics
Confidentiality None
Integrity None
Availability None

CVSS v4 base metrics

Exploitability Metrics
Attack Vector: This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the resulting severity) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable system. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater severity.
Attack Complexity: This metric captures measurable actions that must be taken by the attacker to actively evade or circumvent existing built-in security-enhancing conditions in order to obtain a working exploit. These are conditions whose primary purpose is to increase security and/or increase exploit engineering complexity. A vulnerability exploitable without a target-specific variable has a lower complexity than a vulnerability that would require non-trivial customization. This metric is meant to capture security mechanisms utilized by the vulnerable system.
Attack Requirements: This metric captures the prerequisite deployment and execution conditions or variables of the vulnerable system that enable the attack. These differ from security-enhancing techniques/technologies (ref Attack Complexity) as the primary purpose of these conditions is not to explicitly mitigate attacks, but rather, emerge naturally as a consequence of the deployment and execution of the vulnerable system.
Privileges Required: This metric describes the level of privileges an attacker must possess prior to successfully exploiting the vulnerability. The method by which the attacker obtains privileged credentials prior to the attack (e.g., free trial accounts), is outside the scope of this metric. Generally, self-service provisioned accounts do not constitute a privilege requirement if the attacker can grant themselves privileges as part of the attack.
User interaction: This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable system. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner.
Vulnerable System Impact Metrics
Confidentiality: This metric measures the impact to the confidentiality of the information managed by the VULNERABLE SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.
Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the VULNERABLE SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).
Availability: This metric measures the impact to the availability of the VULNERABLE SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.
Subsequent System Impact Metrics
Confidentiality: This metric measures the impact to the confidentiality of the information managed by the SUBSEQUENT SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.
Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the SUBSEQUENT SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).
Availability: This metric measures the impact to the availability of the SUBSEQUENT SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

EPSS score

Weaknesses

Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. Learn more on MITRE.

Insufficient Entropy

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others. Learn more on MITRE.

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong. Learn more on MITRE.

CVE ID

CVE-2025-66565

GHSA ID

GHSA-m98w-cqp3-qcqr

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.