Gofiber · Gofiber · CVE-2023-41338
**Name of the Vulnerable Software and Affected Versions**
gofiber versions prior to 2.49.2
**Description**
The issue impacts users who rely on the `ctx.IsFromLocal` method to restrict access to localhost requests. If exploited, it could allow unauthorized access to resources intended only for localhost. A request from a foreign host that sets `X-Forwarded-For: 127.0.0.1` causes `ctx.IsFromLocal` to return true. Access is limited to the scope of the affected process.
**Recommendations**
To resolve the issue, upgrade to version 2.49.2 or later; the issue was patched in version 2.49.2 with commit b8c9ede6.
As a temporary workaround, consider restricting the use of the `ctx.IsFromLocal` method until the patched version is deployed.
Avoid using the `X-Forwarded-For` header in requests to minimize the risk of exploitation.
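
The difference between a localhost check that believes the header and one that looks only at the connection, as an added example that is not Fiber's code: it uses Go's standard `net/http` rather than Fiber's `ctx` API, and the names `isLocalWeak`, `isLocalPeer`, `newReq` and the sample addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"strings"
)

// isLocalWeak reproduces the flaw described above: it believes the
// client-supplied X-Forwarded-For header before the socket address.
func isLocalWeak(r *http.Request) bool {
	if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
		first := strings.TrimSpace(strings.Split(xff, ",")[0])
		ip := net.ParseIP(first)
		return ip != nil && ip.IsLoopback()
	}
	return isLocalPeer(r)
}

// isLocalPeer decides only on the peer address the server recorded
// for the connection; request headers are never consulted.
func isLocalPeer(r *http.Request) bool {
	host, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		return false // fail closed on an unparseable address
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// newReq builds a constructed request with a given peer address and header value.
func newReq(remoteAddr, xff string) *http.Request {
	r, _ := http.NewRequest(http.MethodGet, "http://example.test/admin", nil)
	r.RemoteAddr = remoteAddr
	if xff != "" {
		r.Header.Set("X-Forwarded-For", xff)
	}
	return r
}

func main() {
	spoofed := newReq("203.0.113.7:51234", "127.0.0.1") // foreign peer, forged header
	local := newReq("[::1]:40000", "")                  // genuine loopback peer
	fmt.Println("spoofed:", isLocalWeak(spoofed), isLocalPeer(spoofed))
	fmt.Println("local:  ", isLocalWeak(local), isLocalPeer(local))
}
```

When the service sits behind a reverse proxy on the same host, every proxied request arrives with a loopback peer address, so a peer-address check alone does not identify local callers in that deployment.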