Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-ybf8-7h5c-3bbu |
|---|
| Summary | XSS in URL Query String Parameter
In versions 2.1.0-M1 and 2.1.0-M2, swagger-ui has a cross site scripting (XSS) vulnerability in the `url` query string parameter. |
|---|
| Aliases |
|
|---|
| Fixed_packages |
| 0 |
| url |
pkg:npm/swagger-ui@2.1.0 |
| purl |
pkg:npm/swagger-ui@2.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3hsn-22rw-7kay |
|
| 1 |
| vulnerability |
VCID-5918-w4jq-rka8 |
|
| 2 |
| vulnerability |
VCID-byuc-dyx4-zben |
|
| 3 |
| vulnerability |
VCID-fc6y-84x3-8bgu |
|
| 4 |
| vulnerability |
VCID-gdhu-jxfv-k7a9 |
|
| 5 |
| vulnerability |
VCID-h64t-4k96-h7d4 |
|
| 6 |
| vulnerability |
VCID-hvuf-t6m7-fuhh |
|
| 7 |
| vulnerability |
VCID-jkux-j1yd-47ep |
|
| 8 |
| vulnerability |
VCID-mjr2-z5x4-e3bs |
|
| 9 |
| vulnerability |
VCID-mpx5-7r4y-77a9 |
|
| 10 |
| vulnerability |
VCID-r28p-re5d-uya7 |
|
| 11 |
| vulnerability |
VCID-s2s9-qpgy-nffr |
|
| 12 |
| vulnerability |
VCID-sp5n-ncjd-rkft |
|
| 13 |
| vulnerability |
VCID-uyf1-htgj-6bdp |
|
| 14 |
| vulnerability |
VCID-wfzu-tsmb-nqf1 |
|
| 15 |
| vulnerability |
VCID-znja-a329-yyh9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0 |
|
|
|---|
| Affected_packages |
| 0 |
| url |
pkg:npm/swagger-ui@2.1.0-M1 |
| purl |
pkg:npm/swagger-ui@2.1.0-M1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3hsn-22rw-7kay |
|
| 1 |
| vulnerability |
VCID-5918-w4jq-rka8 |
|
| 2 |
| vulnerability |
VCID-6xjv-drz7-tbgc |
|
| 3 |
| vulnerability |
VCID-byuc-dyx4-zben |
|
| 4 |
| vulnerability |
VCID-fc6y-84x3-8bgu |
|
| 5 |
| vulnerability |
VCID-gdhu-jxfv-k7a9 |
|
| 6 |
| vulnerability |
VCID-h64t-4k96-h7d4 |
|
| 7 |
| vulnerability |
VCID-hvuf-t6m7-fuhh |
|
| 8 |
| vulnerability |
VCID-jkux-j1yd-47ep |
|
| 9 |
| vulnerability |
VCID-mjr2-z5x4-e3bs |
|
| 10 |
| vulnerability |
VCID-mpx5-7r4y-77a9 |
|
| 11 |
| vulnerability |
VCID-r28p-re5d-uya7 |
|
| 12 |
| vulnerability |
VCID-s2s9-qpgy-nffr |
|
| 13 |
| vulnerability |
VCID-sp5n-ncjd-rkft |
|
| 14 |
| vulnerability |
VCID-uyf1-htgj-6bdp |
|
| 15 |
| vulnerability |
VCID-wfzu-tsmb-nqf1 |
|
| 16 |
| vulnerability |
VCID-ybf8-7h5c-3bbu |
|
| 17 |
| vulnerability |
VCID-znja-a329-yyh9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0-M1 |
|
| 1 |
| url |
pkg:npm/swagger-ui@2.1.0-M2 |
| purl |
pkg:npm/swagger-ui@2.1.0-M2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3hsn-22rw-7kay |
|
| 1 |
| vulnerability |
VCID-5918-w4jq-rka8 |
|
| 2 |
| vulnerability |
VCID-6xjv-drz7-tbgc |
|
| 3 |
| vulnerability |
VCID-byuc-dyx4-zben |
|
| 4 |
| vulnerability |
VCID-fc6y-84x3-8bgu |
|
| 5 |
| vulnerability |
VCID-gdhu-jxfv-k7a9 |
|
| 6 |
| vulnerability |
VCID-h64t-4k96-h7d4 |
|
| 7 |
| vulnerability |
VCID-hvuf-t6m7-fuhh |
|
| 8 |
| vulnerability |
VCID-jkux-j1yd-47ep |
|
| 9 |
| vulnerability |
VCID-mjr2-z5x4-e3bs |
|
| 10 |
| vulnerability |
VCID-mpx5-7r4y-77a9 |
|
| 11 |
| vulnerability |
VCID-r28p-re5d-uya7 |
|
| 12 |
| vulnerability |
VCID-s2s9-qpgy-nffr |
|
| 13 |
| vulnerability |
VCID-sp5n-ncjd-rkft |
|
| 14 |
| vulnerability |
VCID-uyf1-htgj-6bdp |
|
| 15 |
| vulnerability |
VCID-wfzu-tsmb-nqf1 |
|
| 16 |
| vulnerability |
VCID-ybf8-7h5c-3bbu |
|
| 17 |
| vulnerability |
VCID-znja-a329-yyh9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0-M2 |
|
|
|---|
| References |
|
|---|
| Weaknesses |
|
|---|
| Exploits |
|
|---|
| Severity_range_score | 9.1 - 9.1 |
|---|
| Exploitability | 0.5 |
|---|
| Weighted_severity | 8.2 |
|---|
| Risk_score | 4.1 |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-ybf8-7h5c-3bbu |
|---|