VYPR

Go modules package

github.com/spectolabs/hoverfly

pkg:golang/github.com/spectolabs/hoverfly

Vulnerabilities (3)

  • CVE-2025-54376HigSep 10, 2025
    affected < 1.12.0fixed 1.12.0

    Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, Hoverfly’s admin WebSocket endpoint /api/v2/ws/logs is not protected by the same authentication middleware that guards the REST admin API. Consequently, an unauthenticated remote attacker can stream rea

  • CVE-2025-54123Sep 10, 2025
    affected <= 1.11.3

    Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, the middleware functionality in Hoverfly is vulnerable to command injection vulnerability at `/api/v2/hoverfly/middleware` endpoint due to insufficient validation and sanitization in user input. The vul

  • CVE-2024-45388Sep 2, 2024
    affected < 1.10.3fixed 1.10.3

    Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker