Homepage

restify-swagger-jsdoc@1.2.0 vulnerabilities

Create Swagger documentation page based on jsdoc

  • latest version

    3.3.0

  • latest non vulnerable version

    3.3.0

  • first published

    8 years ago

  • latest version published

    2 years ago

  • licenses detected

  • View restify-swagger-jsdoc package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the restify-swagger-jsdoc package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Directory Traversal

    restify-swagger-jsdoc is a package that creates Swagger documentation page based on jsdoc.

    Affected versions of this package are vulnerable to Directory Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths.

    How to fix Directory Traversal?

    Upgrade restify-swagger-jsdoc to version 3.2.1 or higher.

    <3.2.1
    Go back to all versions of this package