Lucene search
PRIOn knowledge basePRION:CVE-2022-24863HistoryApr 18, 2022 - 7:15 p.m.
Design/Logic Flaw
2022-04-1819:15:00
PRIOn knowledge base
www.prio-n.com
6
0.002 Low
EPSS
Percentile
53.2%
http-swagger is an open source wrapper to automatically generate RESTful API documentation with Swagger 2.0. In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down to improper handling of http methods. Users are advised to upgrade. Users unable to upgrade may to restrict the path prefix to the “GET” method as a workaround.
| CPE | Name | Operator | Version |
|---|---|---|---|
| http-swagger | lt | 1.2.6 |
Related
veracode
veracode
Denial Of Service (DoS)
2022-04-19 05:56:50
github
github
Denial of Service in http-swagger
2022-04-22 20:55:52
http-swagger XSS via PUT requests
2024-02-29 03:33:18
redhatcve
redhatcve
CVE-2022-24863
2022-04-19 07:56:53
cvelist
cvelist
CVE-2022-24863 Denial of service in http-swagger
2022-04-18 19:00:22
CVE-2024-25712
2024-02-11 00:00:00
cve
cve
CVE-2022-24863
2022-04-18 19:15:09
CVE-2024-25712
2024-02-29 01:44:16
nvd
nvd
CVE-2022-24863
2022-04-18 19:15:09
CVE-2024-25712
2024-02-29 01:44:16
osv
osv
http-swagger XSS via PUT requests
2024-02-29 03:33:18
CVE-2024-25712
2024-02-29 01:44:16
Unprotected file upload in github.com/swaggo/http-swagger
2024-02-29 15:38:09
prion
prion
Code injection
2024-02-29 01:44:00