Lookup for vulnerable packages by Package URL.
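The lookup keys on a Package URL and echoes its components (type, namespace, name, version, qualifiers, subpath) back as separate fields in the result below. As an added example, not VulnerableCode's own code nor the purl reference implementation, here is a parser in plain JavaScript that performs that decomposition in the order the purl specification prescribes, plus the inverse, so that the purl for another version (for instance the next_non_vulnerable_version a lookup reports) can be built from a result. It goes beyond the page's npm case to handle an encoded npm scope, qualifiers, a checksum list and a subpath. The function names, the tolerance for an unencoded npm scope in step 5, and every sample purl other than pkg:npm/swagger-ui@2.2.1 are this example's own assumptions.

```javascript
// Added example (not VulnerableCode's or the purl project's code): decompose a Package URL
// into the fields a purl-keyed lookup reports, and rebuild a purl from those fields.
// Follows the purl spec's decoding order: '#' subpath, '?' qualifiers, 'pkg:' scheme,
// type, '@' version, then namespace/name. Uses only Node/browser built-ins.

function parsePurl(purl) {
  if (typeof purl !== 'string') throw new TypeError('purl must be a string');
  let rest = purl.trim();

  // 1. Subpath: after the last '#'. Segments '', '.' and '..' are discarded.
  let subpath = null;
  const hash = rest.lastIndexOf('#');
  if (hash !== -1) {
    const segs = rest.slice(hash + 1).split('/').filter((s) => s && s !== '.' && s !== '..');
    subpath = segs.length ? segs.map(decodeURIComponent).join('/') : null;
    rest = rest.slice(0, hash);
  }

  // 2. Qualifiers: after the last '?', '&'-separated key=value pairs. Keys are
  //    lowercased, empty values dropped, and 'checksum' is a ','-separated list.
  const qualifiers = {};
  const q = rest.lastIndexOf('?');
  if (q !== -1) {
    for (const pair of rest.slice(q + 1).split('&')) {
      const eq = pair.indexOf('=');
      if (eq === -1) continue;
      const key = pair.slice(0, eq).toLowerCase();
      const value = decodeURIComponent(pair.slice(eq + 1));
      if (!key || !value) continue;
      qualifiers[key] = key === 'checksum' ? value.split(',') : value;
    }
    rest = rest.slice(0, q);
  }

  // 3. Scheme: 'pkg:' is mandatory and case-insensitive; slashes right after it are ignored.
  if (!/^pkg:/i.test(rest)) throw new Error(`not a purl: ${purl}`);
  rest = rest.slice(4).replace(/^\/+/, '');

  // 4. Type: everything up to the first '/', lowercased.
  const slash = rest.indexOf('/');
  if (slash === -1) throw new Error(`purl has no name: ${purl}`);
  const type = rest.slice(0, slash).toLowerCase();
  rest = rest.slice(slash + 1);

  // 5. Version: after the last '@', but only when that '@' lies inside the name segment.
  //    Heuristic of this example: a leading unencoded npm scope ('@angular/core') is
  //    tolerated, since its '@' precedes the last '/'.
  let version = null;
  const at = rest.lastIndexOf('@');
  if (at > rest.lastIndexOf('/')) {
    version = decodeURIComponent(rest.slice(at + 1)) || null;
    rest = rest.slice(0, at);
  }

  // 6. Namespace and name: the last '/' segment is the name, anything before it the namespace.
  const segs = rest.split('/').filter(Boolean).map(decodeURIComponent);
  if (segs.length === 0) throw new Error(`purl has no name: ${purl}`);
  const name = segs.pop();
  const namespace = segs.length ? segs.join('/') : null;

  return { type, namespace, name, version, qualifiers, subpath };
}

// Percent-encode one component; ':' may stay unencoded, and '/' too inside qualifier values.
function enc(s, keepSlash = false) {
  const out = encodeURIComponent(s).replace(/%3A/gi, ':');
  return keepSlash ? out.replace(/%2F/gi, '/') : out;
}

// Inverse of parsePurl: canonical form with lowercase type and sorted qualifier keys.
function formatPurl({ type, namespace, name, version, qualifiers = {}, subpath }) {
  let out = `pkg:${type.toLowerCase()}/`;
  if (namespace) out += namespace.split('/').filter(Boolean).map((s) => enc(s)).join('/') + '/';
  out += enc(name);
  if (version) out += '@' + enc(version);
  const keys = Object.keys(qualifiers).sort();
  if (keys.length) {
    out += '?' + keys.map((k) => {
      const v = qualifiers[k];
      return `${k.toLowerCase()}=${Array.isArray(v) ? v.join(',') : enc(v, true)}`;
    }).join('&');
  }
  if (subpath) out += '#' + subpath.split('/').map((s) => enc(s)).join('/');
  return out;
}

// Same package, different version: the purl to look up next once a result reports a
// next_non_vulnerable_version or latest_non_vulnerable_version.
function withVersion(purl, version) {
  return formatPurl({ ...parsePurl(purl), version });
}
```

Calling `parsePurl('pkg:npm/swagger-ui@2.2.1')` yields the same Type/Namespace/Name/Version split the lookup prints, and `withVersion('pkg:npm/swagger-ui@2.2.1', '3.23.11')` gives the purl to query for the reported next non-vulnerable version. A parser that simply splits on the first '@' would misread an unencoded npm scope as a version, which is why step 5 checks the position of the '@' against the last '/'.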
| Field | Value |
|---|---|
| Purl | pkg:npm/swagger-ui@2.2.1 |
| Type | npm |
| Namespace | (empty) |
| Name | swagger-ui |
| Version | 2.2.1 |
| Qualifiers | (empty) |
| Subpath | (empty) |
| Is_vulnerable | false |
| Next_non_vulnerable_version | 3.23.11 |
| Latest_non_vulnerable_version | 4.1.3 |
| Affected_by_vulnerabilities | (empty) |
| Fixing_vulnerabilities | listed below (entries 0 to 7) |

Fixing_vulnerabilities[0]
| Field | Value |
|---|---|
| url | VCID-3hsn-22rw-7kay |
| vulnerability_id | VCID-3hsn-22rw-7kay |
| references | (empty) |
| fixed_packages | (empty) |
| aliases | CVE-2016-5682, GHSA-p239-93f7-h6xf |
| risk_score | 4.5 |
| exploitability | 0.5 |
| weighted_severity | 9.0 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-3hsn-22rw-7kay |

summary:
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.
Fixing_vulnerabilities[1]

| Field | Value |
|---|---|
| url | VCID-5918-w4jq-rka8 |
| vulnerability_id | VCID-5918-w4jq-rka8 |
| references | (empty) |
| aliases | CVE-2016-1000226, GHSA-7f59-x49p-v8mq, GMS-2020-783 |
| risk_score | 4.5 |
| exploitability | 0.5 |
| weighted_severity | 9.0 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-5918-w4jq-rka8 |

summary:
XSS in Consumes/Produces Parameter
Swagger is a standardized library for documenting API endpoints and their parameters. Swagger uses a JSON document to organize API endpoint parameter data.
Swagger-UI version 2.1.4 contains a cross-site scripting (XSS) vulnerability in the `consumes` and `produces` parameters of the Swagger JSON document for a given API. A maliciously crafted Swagger JSON document can be loaded via the URL query-string parameter `url`.
To exploit the vulnerability, an attacker would convince a user to visit a malicious URL crafted in the following format:
```
http://<USER_HOSTNAME>/swagger-ui/index.html?url=http://<MALICIOUS_HOSTNAME>/malicious-swagger-file.json
```
This issue is being disclosed before a public patched release is available because the issue was made public in a GitHub issue.

fixed_packages[0]:

| Field | Value |
|---|---|
| url | pkg:npm/swagger-ui@2.1.5 |
| purl | pkg:npm/swagger-ui@2.1.5 |
| is_vulnerable | true |
| affected_by_vulnerabilities | VCID-3hsn-22rw-7kay, VCID-5918-w4jq-rka8, VCID-fc6y-84x3-8bgu, VCID-gdhu-jxfv-k7a9, VCID-h64t-4k96-h7d4, VCID-hvuf-t6m7-fuhh, VCID-mjr2-z5x4-e3bs, VCID-mpx5-7r4y-77a9, VCID-r28p-re5d-uya7, VCID-wfzu-tsmb-nqf1, VCID-znja-a329-yyh9 |
| resource_url | http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.5 |

Note that the package this entry lists as fixing VCID-5918-w4jq-rka8, swagger-ui 2.1.5, is itself reported as is_vulnerable true and carries VCID-5918-w4jq-rka8 in its own affected_by_vulnerabilities, so a fixed_packages entry alone is not a safe upgrade target. The lookup for 2.2.1 reports is_vulnerable false, with 3.23.11 as the next and 4.1.3 as the latest non-vulnerable version.

fixed_packages[1], fixed_packages[2]: (empty)
Fixing_vulnerabilities[2], Fixing_vulnerabilities[3]: (empty)
Fixing_vulnerabilities[4]

| Field | Value |
|---|---|
| url | VCID-mjr2-z5x4-e3bs |
| vulnerability_id | VCID-mjr2-z5x4-e3bs |
| references | (empty) |
| fixed_packages | (empty) |
| aliases | GHSA-g336-c7wv-8hp3, GMS-2020-784 |
| risk_score | 4.5 |
| exploitability | 0.5 |
| weighted_severity | 9.0 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-mjr2-z5x4-e3bs |

summary:
Cross-Site Scripting in swagger-ui
Affected versions of `swagger-ui` are vulnerable to cross-site scripting via the `url` query-string parameter.
Recommendation: update to 2.2.1 or later.
Fixing_vulnerabilities[5]

| Field | Value |
|---|---|
| url | VCID-r28p-re5d-uya7 |
| vulnerability_id | VCID-r28p-re5d-uya7 |
| references | (empty) |
| aliases | CVE-2016-1000233, GHSA-mrx7-8hxf-f853, GMS-2020-785 |
| risk_score | 4.0 |
| exploitability | 0.5 |
| weighted_severity | 8.0 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-r28p-re5d-uya7 |

summary:
XSS via Content-Type header
By using a malicious server that returns script as the value of the Content-Type header, it is possible to execute arbitrary script in the viewer's browser through the demonstration capabilities of Swagger-UI.

fixed_packages[0]:

| Field | Value |
|---|---|
| url | pkg:npm/swagger-ui@2.1.5 |
| purl | pkg:npm/swagger-ui@2.1.5 |
| is_vulnerable | true |
| affected_by_vulnerabilities | VCID-3hsn-22rw-7kay, VCID-5918-w4jq-rka8, VCID-fc6y-84x3-8bgu, VCID-gdhu-jxfv-k7a9, VCID-h64t-4k96-h7d4, VCID-hvuf-t6m7-fuhh, VCID-mjr2-z5x4-e3bs, VCID-mpx5-7r4y-77a9, VCID-r28p-re5d-uya7, VCID-wfzu-tsmb-nqf1, VCID-znja-a329-yyh9 |
| resource_url | http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.5 |

The package listed here as fixing VCID-r28p-re5d-uya7, swagger-ui 2.1.5, is itself reported as affected by it (see its affected_by_vulnerabilities above).

fixed_packages[1], fixed_packages[2]: (empty)
Fixing_vulnerabilities[6]

| Field | Value |
|---|---|
| url | VCID-sp5n-ncjd-rkft |
| vulnerability_id | VCID-sp5n-ncjd-rkft |
| references | (empty) |
| fixed_packages | (empty) |
| aliases | CVE-2016-1000229, GHSA-h8wp-wgcq-qhrf |
| risk_score | 4.1 |
| exploitability | 0.5 |
| weighted_severity | 8.2 |
| resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-sp5n-ncjd-rkft |

summary:
XSS in key names
Swagger is a standardized library for documenting API endpoints and their parameters. Swagger uses a JSON document to organize API endpoint parameter data.
Swagger-UI contains a cross-site scripting (XSS) vulnerability in the key names at the following object path in the JSON document:
```
.definitions.<USER_DEFINED>.properties.<INJECTABLE_KEY_NAME>
```
Supplying a key name that contains script tags causes that script to execute in the viewer's browser. In addition, arbitrary JSON files can be loaded remotely via the `url` query-string parameter.
This advisory is being disclosed before a public patched release is available because a public GitHub issue documents the vulnerability.
Fixing_vulnerabilities[7]: (empty)

| Field | Value |
|---|---|
| Risk_score | null |
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.2.1 |
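The advisories in this lookup share one root cause: strings from a Swagger JSON document (the `consumes`/`produces` lists in VCID-5918-w4jq-rka8, a property's Default value in VCID-3hsn-22rw-7kay, a definition key name in VCID-sp5n-ncjd-rkft) are written into the documentation page as markup, and the `url` query-string parameter (VCID-mjr2-z5x4-e3bs) lets an attacker choose which document gets rendered. The following is an added example written for this page, not swagger-ui's own code: a minimal renderer that reproduces the vulnerable pattern, the same renderer with HTML escaping, and an origin allowlist for the `url` loader. The spec object, the function names, the `allowedOrigins` and `base` parameters and the example hostnames are all constructed for this illustration and are not swagger-ui options.

```javascript
// Added example for this page (not swagger-ui's own code): the rendering pattern behind the
// XSS advisories above, beside a hardened version and an allowlist for the ?url= loader.
// Runs under Node without a DOM: it builds the HTML strings a documentation page would
// inject, so the difference between the two renderers is inspectable.

// Constructed sample spec (not from any real API). Payloads sit where the advisories put
// them: the consumes list, a definition property key, and a property's Default value.
const MALICIOUS_SPEC = {
  swagger: '2.0',
  consumes: ['application/json', '<img src=x onerror=alert(1)>'],
  produces: ['application/json'],
  definitions: {
    Pet: {
      properties: {
        '<script>alert(document.cookie)</script>': { type: 'string' },
        name: { type: 'string', default: '"><svg onload=alert(2)>' },
      },
    },
  },
};

// Vulnerable pattern: spec strings are interpolated straight into markup, so whoever wrote
// the spec (or controls the document behind ?url=) injects live HTML into the viewer's page.
function renderUnsafe(spec) {
  let html = '<ul class="mime">';
  for (const m of [...(spec.consumes || []), ...(spec.produces || [])]) html += `<li>${m}</li>`;
  html += '</ul>';
  for (const [defName, def] of Object.entries(spec.definitions || {})) {
    html += `<h3>${defName}</h3><table>`;
    for (const [prop, schema] of Object.entries(def.properties || {})) {
      const dflt = schema.default === undefined ? '' : String(schema.default);
      html += `<tr><th>${prop}</th><td><input value="${dflt}"></td></tr>`;
    }
    html += '</table>';
  }
  return html;
}

// Hardened pattern: every spec-controlled string is HTML-escaped before interpolation, in
// text and attribute positions alike (the five characters that can break out of either).
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

function renderSafe(spec) {
  let html = '<ul class="mime">';
  for (const m of [...(spec.consumes || []), ...(spec.produces || [])]) html += `<li>${escapeHtml(m)}</li>`;
  html += '</ul>';
  for (const [defName, def] of Object.entries(spec.definitions || {})) {
    html += `<h3>${escapeHtml(defName)}</h3><table>`;
    for (const [prop, schema] of Object.entries(def.properties || {})) {
      const dflt = schema.default === undefined ? '' : String(schema.default);
      html += `<tr><th>${escapeHtml(prop)}</th><td><input value="${escapeHtml(dflt)}"></td></tr>`;
    }
    html += '</table>';
  }
  return html;
}

// Defence in depth for the ?url= loader: fetch spec documents only from an explicit list of
// origins, never from a scheme other than http(s), and never reflect the raw value into the
// page. `allowedOrigins` and `base` are this example's parameters, not swagger-ui options.
function resolveSpecUrl(queryString, allowedOrigins, base = 'https://api.example.com/') {
  const raw = new URLSearchParams(queryString).get('url');
  if (!raw) return null;
  let u;
  try { u = new URL(raw, base); } catch { return null; }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
  return allowedOrigins.includes(u.origin) ? u.href : null;
}

// Which of the payload tags survive as live markup in a rendered page.
function liveTags(html) {
  return (html.match(/<(script|img|svg)\b/gi) || []).map((t) => t.toLowerCase());
}
```

`liveTags(renderUnsafe(MALICIOUS_SPEC))` returns all three injected tags, while `liveTags(renderSafe(MALICIOUS_SPEC))` returns none: the only difference between the two renderers is `escapeHtml` at every interpolation point. The same rule covers VCID-r28p-re5d-uya7, where the attacker-controlled string is a Content-Type response header rather than a spec field; anything the page displays from a response must go through the escaper too. The allowlist in `resolveSpecUrl` addresses the delivery channel that the advisories on this page describe, a link of the form `index.html?url=http://<MALICIOUS_HOSTNAME>/...`, by refusing foreign origins, look-alike hosts and non-http(s) schemes.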