5 matches found
Fastify Swagger-UI - Information Disclosure
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207 Default swagger-ui configuration exposes all files in the module
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207 Default swagger-ui configuration exposes all files in the module
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207 Default swagger-ui configuration exposes all files in the module
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207
CVE-2024-22207 affects the fastify-swagger-ui Fastify plugin. Before version 2.1.0, the default configuration of @fastify/swagger-ui without a baseDir exposes all files in the module directory via HTTP routes, enabling information disclosure. The issue is resolved in v2.1.0; as a workaround, conf...