Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0505

Malicious code in bioql PyPI...

6.1CVSS7.4AI score0.00561EPSS
Exploits1References6
prion
prion
added 2024/02/29 1:44 a.m.94 views

Code injection

http-swagger before 1.2.6 allows XSS via PUT requests, because a file that has been uploaded via httpSwagger.WrapHandler and webdav.memFile can subsequently be accessed via a GET request. NOTE: this is independently fixable with respect to CVE-2022-24863, because if a solution continued to allow...

6AI score0.02402EPSS
Exploits1References2
nvd
nvd
added 2022/04/18 7:15 p.m.34 views

CVE-2022-24863

http-swagger is an open source wrapper to automatically generate RESTful API documentation with Swagger 2.0. In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down...

7.8CVSS0.02402EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2022/04/18 7:0 p.m.4 views

CVE-2022-24863 Denial of service in http-swagger

http-swagger is an open source wrapper to automatically generate RESTful API documentation with Swagger 2.0. In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down...

7.5CVSS7.4AI score0.02402EPSS
Exploits0References4
cve
cve
added 2022/04/18 7:0 p.m.685 views

CVE-2022-24863

CVE-2022-24863 affects the http-swagger package (wrapper for Swagger 2.0 docs). Versions prior to 1.2.6 are vulnerable due to improper handling of HTTP methods, enabling a denial-of-service via memory exhaustion on the host. The issue is mitigated by upgrading to 1.2.6 or by restricting the path ...

7.8CVSS7.3AI score0.02402EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2022/04/18 7:0 p.m.54 views

CVE-2022-24863 Denial of service in http-swagger

http-swagger is an open source wrapper to automatically generate RESTful API documentation with Swagger 2.0. In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down...

7.5CVSS7.6AI score0.02402EPSS
Exploits0References4
Rows per page
Query Builder