Home > Vulnerability Database > WS-2017-3758

Mend.io Vulnerability Database

WS-2017-3758

Good to know:

Date: January 23, 2017

fury-adapter-swagger 0.2.0 before 0.9.7 is vulnerable to Arbitrary File Read vulnerability. Attacker allowed to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service.

Language: JS

Severity Score

5.5

Related Resources (2)

Url: https://github.com/advisories/GHSA-2r7f-4h2c-5x73

Url: https://www.mend.io/vulnerability-database/WS-2017-3758

Severity Score

5.5

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

Top Fix

Upgrade Version

Upgrade to version fury-adapter-swagger - 0.9.7

Learn More

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2017-3758

Good to know:

Date: January 23, 2017

Language: JS

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?