Lucene search
GoogleOSV:CVE-2018-25031HistoryMar 11, 2022 - 7:15 a.m.
CVE-2018-25031
2022-03-1107:15:07
Google
osv.dev
6
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| swagger-ui | eq | 3.34.0 | |
| swagger-ui | eq | 3.0.8 | |
| swagger-ui | eq | 3.18.0 | |
| swagger-ui | eq | 3.49.0 | |
| swagger-ui | eq | 2.2.1 | |
| swagger-ui | eq | 3.9.0 | |
| swagger-ui | eq | 2.0.14 | |
| swagger-ui | eq | 3.32.1 | |
| swagger-ui | eq | 3.36.0 | |
| swagger-ui | eq | 3.23.0 |
Related
cve
cve
CVE-2018-25031
2022-03-11 07:15:07
packetstorm
packetstorm
Swagger UI 4.1.3 Critical Information Misrepresentation
2023-04-20 00:00:00
ibm
ibm
Security Bulletin: Swagger-ui as used by IBM QRadar Advisor With Watson App is vulnerable to spoofing attacks (CVE-2018-25031)
2023-02-15 13:45:24
Security Bulletin: Vulnerabilities in Springfox swagger affect IBM Rational ClearQuest
2023-09-29 17:27:30
Security Bulletin: Open Source Dependency Vulnerability
2023-05-15 17:52:34
exploitdb
exploitdb
github
github
Spoofing attack in swagger-ui
2022-03-12 00:00:36
cvelist
cvelist
CVE-2018-25031
2022-03-11 06:47:46
prion
prion
Design/Logic Flaw
2022-03-11 07:15:00
zdt
zdt
veracode
veracode
Spoofing Attack
2022-03-14 06:03:00
nvd
nvd
CVE-2018-25031
2022-03-11 07:15:07
osv
osv
Spoofing attack in swagger-ui
2022-03-12 00:00:36
ubuntucve
ubuntucve
CVE-2018-25031
2022-03-11 00:00:00