Vulnerabilities > Smartbear > Swagger UI > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-15 | CVE-2024-22207 | Insecure Default Initialization of Resource vulnerability in Smartbear Swagger UI 2.0.0/2.0.1 fastify-swagger-ui is a Fastify plugin for serving Swagger UI. | 5.3 |
| 2022-03-11 | CVE-2018-25031 | Improper Input Validation vulnerability in Smartbear Swagger UI Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. | 4.3 |
| 2022-03-11 | CVE-2021-46708 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Smartbear Swagger UI The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
| 2019-12-20 | CVE-2016-1000229 | Cross-site Scripting vulnerability in multiple products swagger-ui has XSS in key names | 4.3 |
| 2017-04-10 | CVE-2016-5682 | Cross-site Scripting vulnerability in Smartbear Swagger-Ui Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section. | 4.3 |