swagger-ui-express@4.0.6 vulnerabilities
Swagger UI Express
-
latest version
5.0.1
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
6 months ago
-
licenses detected
- >=3.0.5
Direct Vulnerabilities
Known vulnerabilities in the swagger-ui-express package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
swagger-ui-express is a module that allows you to serve auto-generated swagger-ui generated API docs from express, based on a swagger.json file. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the NOTE: This vulnerability has also been identified as: CVE-2021-46708 How to fix Server-side Request Forgery (SSRF)? Upgrade |
<4.3.0
|
swagger-ui-express is a module that allows you to serve auto-generated swagger-ui generated API docs from express, based on a swagger.json file. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the NOTE: This vulnerability has also been identified as: CVE-2018-25031 How to fix Server-side Request Forgery (SSRF)? Upgrade |
<4.3.0
|