An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4N3ctZnJjcS12NG0z
Path Traversal in @wturyn/swagger-injector
All versions of
@wturyn/swagger-injector are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the configured
dist folder using relative paths.
No fix is currently available. Consider using an alternative package until a fix is made available.Permalink: https://github.com/advisories/GHSA-4x7w-frcq-v4m3
Source: GitHub Advisory Database
Published: about 3 years ago
Updated: 9 months ago
No known fixed version