CVE-2023-38337

Posted on by admin

CVE-2023-38337

rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.

Source: CVE-2023-38337

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다