VYPR

RubyGems package

rswag

pkg:gem/rswag

Vulnerabilities (1)

  • CVE-2023-38337HigJul 14, 2023
    affected < 2.10.1fixed 2.10.1

    rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.