CVE-2024-22207MEDIUMCVSS 5.3PoCfixed in 2.1.02024-01-15
CVE-2024-22207 [MEDIUM] CWE-1188 CVE-2024-22207: fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configur
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vuln
cvelistv5nvd