security: pprofhandler imprecise path matching exposes debug data

## Description

`pprofhandler/pprof.go:27-38` uses `bytes.HasPrefix` for routing, which matches prefix substrings:

```go
case bytes.HasPrefix(ctx.Path(), []byte("/debug/pprof/cmdline")):
```

This means `/debug/pprof/cmdlineFoo` matches the `cmdline` handler. Similarly for other profile paths.

## Impact

- Debug data exposed under slightly malformed paths
- Affects production deployments that expose pprof without strict path matching

## Suggested Fix

Use exact match:

```go
case bytes.Equal(ctx.Path(), []byte("/debug/pprof/cmdline")):
```

Or check for trailing `/` or end-of-path.

## File

`pprofhandler/pprof.go:27-38`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security: pprofhandler imprecise path matching exposes debug data #2258

Description

Impact

Suggested Fix

File

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

security: pprofhandler imprecise path matching exposes debug data #2258

Description

Description

Impact

Suggested Fix

File

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions