7 matches found
CVE-2025-8527
CVE-2025-8527 affects Exrick xboot up to version 3.3.4, involving the Swagger component. The root cause is server-side request forgery triggered by manipulation of the loginUrl parameter in SecurityController.java (xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/). This Vu...
Security Bulletin: Novalink is impacted by Swagger vulnerability affects WebSphere Application Server Liberty
Summary Novalink uses WebSphere Application Server Liberty. There is a Swagger vulnerability that affects WebSphere Application Server Liberty. This affects the mpOpen-1.x and openAPI-3.x features. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-17495 DESCRIPTION:...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM StoredIQ (CVE-2019-17495)
Summary There is a Swagger vulnerability that affects WebSphere Application Server Liberty shipped with IBM StoredIQ. Vulnerability Details CVEID: CVE-2019-17495 DESCRIPTION: Swagger UI could allow a remote attacker to obtain sensitive information, caused by a CSS injection flaw. By using the...
Security Bulletin: Swagger Vulnerability in WebSphere Application Server Liberty shipped with Cloud Pak System (CVE-2019-17495)
Summary WebSphere Application Server Liberty is shipped as component with Cloud Pak System Information about security vulnerability affecting WebSphere Application Server liberty using Swagger UI have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...
Security Bulletin: Swagger vulnerability affects WebSphere Application Server Liberty bundled with IBM WebSphere Application Server Patterns (CVE-2019-17495)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed ...
Security Bulletin: Swagger vulnerability affects WebSphere Application Server Liberty (CVE-2019-17495)
Summary There is a Swagger vulnerability that affects WebSphere Application Server Liberty. This affects the mpOpen-1.x and openAPI-3.x features. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-17495 DESCRIPTION: Swagger UI could allow a remote attacker to obtain...
Swagger Remote Code Execution Vulnerability
Swagger is a specification and complete framework for generating, describing, invoking and visualizing RESTful style web services. A remote code execution vulnerability exists in Swagger, where parameters of Swagger JSON, YAML files are injected, allowing an attacker to exploit the vulnerability ...