Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/swagger-ui@2.2.4
purl pkg:npm/swagger-ui@2.2.4
Next non-vulnerable version 4.1.3
Latest non-vulnerable version 4.1.3
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-3v8v-mvbs-rkhu
Aliases:
GHSA-qrmm-w75w-3wpx
GMS-2021-188
GMS-2021-327
GMS-2021-44
GMS-2021-470
Server side request forgery in SwaggerUI
4.1.3
Affected by 0 other vulnerabilities.
VCID-4a5e-u6eu-a7g1
Aliases:
GHSA-388g-jwpg-x6j4
GMS-2020-781
Cross-Site Scripting in swagger-ui
3.0.13
Affected by 6 other vulnerabilities.
VCID-e33g-ayx5-rffp
Aliases:
CVE-2018-25031
GHSA-cr3q-pqgq-m8c2
Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others.
4.1.3
Affected by 0 other vulnerabilities.
VCID-ha7j-575w-c7eu
Aliases:
CVE-2019-17495
GHSA-c427-hjc3-wrfw
Cross-site scripting in Swagger-UI
3.23.11
Affected by 3 other vulnerabilities.
VCID-jqwv-yhzm-gke8
Aliases:
GHSA-x9p2-fxq6-2m5f
GMS-2019-143
Reverse Tabnapping in swagger-ui
3.18.0
Affected by 5 other vulnerabilities.
VCID-n2b6-kqqb-c7hy
Aliases:
GHSA-4f9m-pxwh-68hg
GMS-2020-782
Cross-Site Scripting in swagger-ui
3.20.9
Affected by 4 other vulnerabilities.
VCID-zn7g-cnwj-fud3
Aliases:
CVE-2021-46708
GHSA-6c9x-mj3g-h47x
Spoofing attack in swagger-ui-dist
4.1.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T16:44:12.801203+00:00 GitLab Importer Affected by VCID-4a5e-u6eu-a7g1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/GMS-2020-781.yml 38.6.0
2026-06-13T16:44:01.212039+00:00 GitLab Importer Affected by VCID-n2b6-kqqb-c7hy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/GMS-2020-782.yml 38.6.0
2026-06-12T18:01:56.865292+00:00 GitLab Importer Affected by VCID-e33g-ayx5-rffp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/CVE-2018-25031.yml 38.6.0
2026-06-12T18:01:48.399074+00:00 GitLab Importer Affected by VCID-zn7g-cnwj-fud3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/CVE-2021-46708.yml 38.6.0
2026-06-12T17:53:48.502020+00:00 GitLab Importer Affected by VCID-3v8v-mvbs-rkhu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/GMS-2021-188.yml 38.6.0
2026-06-12T17:14:48.535227+00:00 GitLab Importer Affected by VCID-ha7j-575w-c7eu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/CVE-2019-17495.yml 38.6.0
2026-06-12T17:12:27.532220+00:00 GitLab Importer Affected by VCID-jqwv-yhzm-gke8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/swagger-ui/GMS-2019-143.yml 38.6.0