Lucene search
MitreVULNRICHMENT:CVE-2018-25031HistoryMar 11, 2022 - 6:47 a.m.
CVE-2018-25031
2022-03-1106:47:46
mitre
github.com
5
cve-2018-25031
swagger ui
remote attack
Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*"
],
"vendor": "smartbear",
"product": "swagger_ui",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "4.1.2"
}
],
"defaultStatus": "unknown"
}
]Related
ibm
ibm
packetstorm
packetstorm
Swagger UI 4.1.3 Critical Information Misrepresentation
2023-04-20 00:00:00
cve
cve
CVE-2018-25031
2022-03-11 07:15:07
osv
osv
CVE-2018-25031
2022-03-11 07:15:07
Spoofing attack in swagger-ui
2022-03-12 00:00:36
prion
prion
Design/Logic Flaw
2022-03-11 07:15:00
zdt
zdt
cvelist
cvelist
CVE-2018-25031
2022-03-11 06:47:46
github
github
Spoofing attack in swagger-ui
2022-03-12 00:00:36
exploitdb
exploitdb
ubuntucve
ubuntucve
CVE-2018-25031
2022-03-11 00:00:00
nvd
nvd
CVE-2018-25031
2022-03-11 07:15:07
veracode
veracode
Spoofing Attack
2022-03-14 06:03:00
AI Score
6.6
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2018-25031