CVE-2016-1000249
fury-adapter-swagger allows arbitrary file read from system
Description
`fury-adapter-swagger` from version 0.2.0 until version 0.9.7 has a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like `/dev/zero`.

## Proof of Concept

```yaml
---
swagger: '2.0'
info:
  title: Read local files
  version: '1.0'
paths:
  /foo:
    get:
      responses:
        200:
          description: Some description
          examples:
            text/html:
              example:
                $ref: '/etc/passwd'
```

## Recommendation

Upgrade to version 0.9.7 or later.
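The root cause described above is a `$ref` resolver that treats reference strings as filesystem paths. A defensive check a consumer of Swagger documents can run before handing a document to any resolver is to walk the parsed document and reject every `$ref` that is not a local JSON Pointer fragment (`#/...`). The following is an added example, not code from `fury-adapter-swagger` or from the advisory; the `findUnsafeRefs` and `isSafeDocument` functions are assumed names, and `SAMPLE_DOC` is a constructed object-literal form of the advisory's PoC with one legitimate local reference added for contrast.

```javascript
// Added example (not fury-adapter-swagger's own code): flag $ref values that
// are not local JSON Pointer fragments before any resolution happens.
// Paths are reported as RFC 6901 JSON Pointers so a finding can be located.

function escapePointerToken(token) {
  // RFC 6901: "~" becomes "~0", "/" becomes "~1".
  return String(token).replace(/~/g, '~0').replace(/\//g, '~1');
}

function findUnsafeRefs(doc) {
  const findings = [];

  function walk(node, path) {
    if (Array.isArray(node)) {
      node.forEach((item, i) => walk(item, path + '/' + i));
      return;
    }
    if (node && typeof node === 'object') {
      for (const [key, value] of Object.entries(node)) {
        const childPath = path + '/' + escapePointerToken(key);
        // Only a fragment-local pointer is acceptable; absolute paths,
        // file: URIs, relative paths and remote URLs are all reported.
        if (key === '$ref' && typeof value === 'string' && !value.startsWith('#/')) {
          findings.push({ path: childPath, ref: value });
        }
        walk(value, childPath);
      }
    }
  }

  walk(doc, '');
  return findings;
}

function isSafeDocument(doc) {
  return findUnsafeRefs(doc).length === 0;
}

// Constructed sample: the advisory's PoC in parsed form, plus a benign
// local reference under "definitions" that must not be reported.
const SAMPLE_DOC = {
  swagger: '2.0',
  info: { title: 'Read local files', version: '1.0' },
  paths: {
    '/foo': {
      get: {
        responses: {
          200: {
            description: 'Some description',
            examples: { 'text/html': { example: { $ref: '/etc/passwd' } } },
          },
        },
      },
    },
  },
  definitions: {
    Pet: { $ref: '#/definitions/Animal' },
    Animal: { type: 'object' },
  },
};

console.log(JSON.stringify(findUnsafeRefs(SAMPLE_DOC), null, 2));
console.log('document safe to resolve:', isSafeDocument(SAMPLE_DOC));
```

Run with `node`; the constructed document yields one finding at `/paths/~1foo/get/responses/200/examples/text~1html/example/$ref` and `isSafeDocument` returns `false`, while a document whose only references are `#/...` fragments passes. The check is deliberately conservative: it does not try to canonicalise or sandbox file paths, because a document that needs no external references has no reason to carry any.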
How to fix CVE-2016-1000249
To remediate CVE-2016-1000249, upgrade the affected package to a fixed version below.
- Upgrade to 0.9.7 or later
Is CVE-2016-1000249 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2016-1000249.
Affected packages (1)
- fury-adapter-swagger: >= 0.2.0, < 0.9.7
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (7.3) | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
References (6)
- PATCH: github.com/apiaryio/fury-adapter-swagger
- WEB: github.com/apiaryio/fury-adapter-swagger/commit/777e2d68f03546a88f3203bbd4725df8b1f662a7
- WEB: github.com/apiaryio/fury-adapter-swagger/commit/f4407e3a5323bc31123d45dbc93b8417002e4d51#diff-54c345dc104dc19440f9c2482b7883df820e8b9b699fdd8fa07e2773e7197a29
- WEB