VYPR

npm package

fury-adapter-swagger

pkg:npm/fury-adapter-swagger

Vulnerabilities (1)

  • CVE-2016-1000249higSep 1, 2020
    affected >= 0.2.0, < 0.9.7fixed 0.9.7

    `fury-adapter-swagger` from version 0.2.0 until version 0.9.7 has a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like `/dev/zero`. ##