CVE-2024-22207

🗓️ 15 Jan 2024 16:13:15Reported by GoogleType

osv🔗 osv.dev👁 12 Views

Fastify plugin exposes all files without baseDir, fixed in v2.1.0

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Github Security Blog	Default swagger-ui configuration exposes all files in the module	16 Jan 202415:24	–	github
Cvelist	CVE-2024-22207 Default swagger-ui configuration exposes all files in the module	15 Jan 202415:40	–	cvelist
Prion	Default configuration	15 Jan 202416:15	–	prion
Veracode	Directory Traversal	16 Jan 202405:04	–	veracode
OSV	GHSA-62JR-84GF-WMG4 Default swagger-ui configuration exposes all files in the module	16 Jan 202415:24	–	osv
NVD	CVE-2024-22207	15 Jan 202416:15	–	nvd
Nuclei	Fastify Swagger-UI - Information Disclosure	23 Sep 202412:29	–	nuclei
CVE	CVE-2024-22207	15 Jan 202416:15	–	cve

Source	Link
github	www.github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4
security	www.security.netapp.com/advisory/ntap-20240216-0002/
github	www.github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Jan 2024 16:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS35.3

EPSS0.10896