# CVE-2024-22207
Published 2024-01-15
Priority: P3 · 37 · Medium 5.3 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS: 2.00% (78.3th percentile)
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vulnerability.
### Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fastify | fastify-swagger-ui | < 2.1.0 | 2.1.0 |
| fastify | swagger-ui | >= 2.0.0 < 2.1.0 | 2.1.0 |
| smartbear | swagger_ui | >= 2.0.0 < 2.1.0 | 2.1.0 |
## GHSA (2024-01-16)
CVE-2024-22207 [MEDIUM] CWE-1188: Default swagger-ui configuration exposes all files in the module
### Impact
The default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module.
### Patches
Update to v2.1.0
### Workarounds
Use the `baseDir` option
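A quick defender-side check of the two remedies named in this advisory (upgrade to 2.1.0, or set `baseDir`), as an added example that is not part of the advisory or the fastify project; the version parser, the sample paths and the sample registrations are assumptions, while `baseDir` and `routePrefix` are real `@fastify/swagger-ui` options.

```javascript
// Added audit helper for CVE-2024-22207; not code from the fastify project.
// Inputs: the resolved @fastify/swagger-ui version and the options object
// passed to fastify.register(). Output: whether the deployment is exposed.
const FIXED_IN = [2, 1, 0]; // advisory: fixed in v2.1.0

function parseVersion(v) {
  // Accepts "2.0.0", "v2.0.0" or a range such as "^2.0.0" (its lower bound).
  // For an exact answer, pass the resolved version from the lockfile.
  const m = /^[\^~]?v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unrecognised version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

function isBefore(a, b) {
  // Lexicographic compare of [major, minor, patch] triples.
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

function auditSwaggerUi({ version, options = {} }) {
  if (!isBefore(parseVersion(version), FIXED_IN)) {
    return { exposed: false, reason: 'fixed release (>= 2.1.0)' };
  }
  const hasBaseDir = typeof options.baseDir === 'string' && options.baseDir.length > 0;
  if (hasBaseDir) {
    return { exposed: false, reason: 'workaround applied: baseDir is set' };
  }
  return {
    exposed: true,
    reason: 'vulnerable version with default baseDir: module directory is served over HTTP',
  };
}

// Constructed sample registrations (the prefix and directory are placeholders).
const weak = { version: '2.0.0', options: { routePrefix: '/documentation' } };
const workedAround = {
  version: '2.0.0',
  options: { routePrefix: '/documentation', baseDir: '/srv/api/openapi' },
};
const upgraded = { version: '2.1.0', options: { routePrefix: '/documentation' } };

for (const [label, reg] of Object.entries({ weak, workedAround, upgraded })) {
  console.log(label, auditSwaggerUi(reg));
}
```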
### References
[HackerOne report](https://hackerone.com/reports/2312369)
No detection rules found.
## Nuclei (CVSS 5.3)
CVE-2024-22207 [MEDIUM] Fastify Swagger-UI - Information Disclosure
Template:

```yaml
id: CVE-2024-22207

info:
  name: Fastify Swagger-UI - Information Disclosure
  author: DhiyaneshDK,iamnoooob
  severity: medium
  description: |
    fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the
```
No writeups or analysis indexed.
References:
- https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7
- https://github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4
- https://security.netapp.com/advisory/ntap-20240216-0002/