489 matches found
Swagger Petstore Sample Security Vulnerability
Swagger Petstore Sample is an open-source sample pet store system from Swagger. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 that stems from the DELETE endpoint not properly validating input, which could lead to remote code execution...
Swagger Petstore Sample Security Vulnerability
Swagger Petstore Sample is an open-source sample pet store system from Swagger. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 that stems from the /api/v3/pet interface not validating specially crafted scripts, which could lead to a cross-site scripting attack...
Swagger Petstore Sample Security Vulnerability
Swagger Petstore Sample is an open-source sample pet store system from Swagger. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 that stems from the server returning a 404 error page and exposing sensitive information when a non-existent endpoint or shopping cart is accessed...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: lazydocker, dgraph, nri-consul, rclone, docker-cli-buildx, kapp-controller, render-template, flux, nri-redis, step-kms-plugin, nodetaint, nuclei, tigera-operator, kube-logging-operator, nginx-prometheus-exporter, nri-haproxy, kuberlr, harbor-registry, wgcf,...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: kuma, mockgen, teleport, rancher-agent, bom, k3d, neuvector, knative-serving, spark-operator, kor, azuredisk-csi, harbor-registry, oauth2-proxy, kubernetes-dashboard-web, gcp-compute-persistent-disk-csi-driver, wire-go, terraform-provider-azapi, prometheus-operator,...
Exploit for Improper Input Validation in Smartbear Swagger_Ui
swagger-ui POC for Testing HTML Injection in Swagger UI CVE-...
Malicious code in koa2-swagger-ui (npm)
Source: ghsa-malware (31fd12270f2d2a5b53bfaf3aabcbae8d26a7eec21613c28e4673369a33025ba5). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47187 Malicious code in koa2-swagger-ui (npm)
Source: ghsa-malware (31fd12270f2d2a5b53bfaf3aabcbae8d26a7eec21613c28e4673369a33025ba5). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Embedded Malicious Code
Overview: koa2-swagger-ui is a swagger ui for a koa v2 app. Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It...
@citrineos/ocpi-base (>=2.0.0 <=2.0.1), @citrineos/ocpi-cdrs (>=2.0.0 <=2.0.1) +16 more potentially affected by unknown CVE via koa2-swagger-ui (>=5.0.5 <=5.11.0)
koa2-swagger-ui NPM version =5.0.5, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.5.0, =0.1.1, =0.1.0, =0.5.0 - @trey.turner/artifacts-mocks-counterfact =0.0.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-KOA2SWAGGERUI-12704865...
Linux Distros Unpatched Vulnerability : CVE-2021-39910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...
Malicious code in swagger-to-server (npm)
The package swagger-to-server was found to contain malicious code...
swagger-koa88 (>=1.0.2 <=1.0.5-0), windows10-electron-vibrancy (>=1.0.0 <=1.0.1) +1 more potentially affected by unknown CVE via coffe-script (=0.0.1-security)
coffe-script NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on coffe-script and may be impacted: - swagger-koa88 =1.0.2, =1.0.0, =1.0.5, =1.1.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17263...
MAL-2025-9594 Malicious code in @vikas_upadhyay0/swagger-lint (npm)
The package @vikas_upadhyay0/swagger-lint was found to contain malicious code...
MAL-2025-34265 Malicious code in swagger-to-server (npm)
The package swagger-to-server was found to contain malicious code...
app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1456 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk15on (>=1.49 <=1.70)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.49, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: kuma, fluent-bit-plugin-loki, grafana-fips, teleport, nri-kafka, aws-iam-authenticator-fips, verticadb-operator-fips, kube-conformance, hugo-extended, verticadb-operator, kyverno-policy-reporter, coredns, knative-serving, trillian-fips, azuredisk-csi, influx,...
CVE-2025-8527
A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...