EUVD-2022-1341

Malicious code in bioql PyPI...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2018-25031, CVE-2021-46708)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

GHSA-6C9X-MJ3G-H47X Spoofing attack in swagger-ui-dist

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

Spoofing attack in swagger-ui-dist

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

CVE-2021-46708

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

CVE-2021-46708

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

Design/Logic Flaw

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

CVE-2021-46708

CVE-2021-46708 affects npm swagger-ui-dist and swagger-ui-dist before 4.1.3 for Node.js. The vulnerability enables a remote attacker to hijack the victim’s clicking action when the user visits a malicious site, potentially enabling further attacks against the victim. The connected IBM/IBM-related...

CVE-2021-46708

The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

swagger-ui-dist 安全漏洞

swagger-ui-dist is a module that exposes the entire dist folder of Swagger-UI as a dependency-free npm module. A security vulnerability exists in Node.js swagger-ui-dist versions prior to 4.1.3, which stems from a lack of effective filtering and validation of html code. An attacker can write...

PT-2022-12909 · Unknown · Swagger-Ui-Dist

Name of the Vulnerable Software and Affected Versions: swagger-ui-dist versions prior to 4.1.3 Description: The issue allows a remote attacker to hijack the clicking action of the victim by persuading them to visit a malicious website, potentially leading to further attacks against the victim...

@0x0c/nestjs-swagger (>=6.1.5 <=6.3.1), @1creator/backend (>=1.1.17 <=1.2.151) +1106 more potentially affected by unknown CVE via swagger-ui-dist (>=3.0.17 <=4.1.2)

swagger-ui-dist NPM version =3.0.17, =6.1.5, =1.1.17, =1.1.0-beta.1, =15.0.0, =0.1.0-alpha.1, =0.2.4, =1.2.0, =3.7.0, =1.0.0, =1.0.0, =1.0.0, =1.7.8, =2.2.2, =2.5.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-QRMM-W75W-3WPX...