Smartbear Swagger_ui
3 CVEs affecting Smartbear Swagger_ui. Latest disclosed: 2024-01-15. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-17495 | Critical | 9.8 | 2019-10-10 | A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perf… |
CVE-2024-22207 | Medium | 5.3 | 2024-01-15 | fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will l… |
CVE-2018-25031 | Medium | 4.3 | 2022-03-11 | Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit… |