Description
SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered.
Recommendation
Update the swagger-ui package to the latest compatible version. Followings are version details:
- Affected version(s): < 4.1.3
- Patched version(s): 4.1.3
References
Related Issues
- Spoofing attack in swagger-ui - CVE-2018-25031
- Firepad allows insecure document access - CVE-2024-51210
- Cross site scripting in markdown-to-jsx - CVE-2024-21535
- uPlot Prototype Pollution vulnerability - CVE-2024-21489
- Tags:
- npm
- swagger-ui
Anything's wrong? Let us know Last updated on June 02, 2023