
CVSS: 5.3 | EPSS: 9% | CPEs: 1 | EXPL: 0

15 Jan 2024 — fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without the `baseDir` option set leads to every file in the module's own directory (not just the UI assets) being exposed through the HTTP routes the module registers. The vulnerability is fixed in v2.1.0; setting the `baseDir` option explicitly also works around it. • https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7 • CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 13

11 Mar 2022 — Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to make the victim's Swagger UI instance load and display an attacker-chosen remote OpenAPI definition. Note: this was originally claimed to be resolved in 4.1.3. However, third parties have indicated that it is not resolved in 4.1.3 and still occurs in that version and possibly others. • https://github.com/afine-com/CVE-2018-25031 • CWE-20: Improper Input Validation CWE-918: Server-Side Request Forgery (SSRF) CWE-922: Insecure Storage of Sensitive Information •

CVSS: 9.8 | EPSS: 1% | CPEs: 17 | EXPL: 3

10 Oct 2019 — A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that