3 matches found
peanut-restify (>=1.1.0 <=1.1.66) potentially affected by unknown CVE via restify-swagger-jsdoc (>=1.1.2 <=1.2.1)
restify-swagger-jsdoc NPM version =1.1.2, =1.1.0, =1.1.66 Source cves: unknown CVE Source advisory: OSV:GHSA-GVFF-25CC-4F66...
GHSA-GVFF-25CC-4F66 Path Traversal in restify-swagger-jsdoc
Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...
Path Traversal in restify-swagger-jsdoc
Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...