GHSA-2R7F-4H2C-5X73 fury-adapter-swagger allows arbitrary file read from system

fury-adapter-swagger from version 0.2.0 until version 0.9.7 has a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like /dev/zero. Proof of Concept: yaml -...

fury-adapter-swagger allows arbitrary file read from system

fury-adapter-swagger from version 0.2.0 until version 0.9.7 has a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like /dev/zero. Proof of Concept: yaml -...

Arbitrary File Read And Denial Of Service (DoS)

fury-adapter-swagger is vulnerable to arbitrary file reads off the file system and denial of service DoS attacks. This could be used to retrieve sensitive data, or fill the entire available memory and cause a denial of service by reading/dev/zero...

Arbitrary File Read

Overview Affected versions of fury-adapter-swagger have a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like /dev/zero. Proof of Concept: --- swagger:...