Filtered by vendor Rswag Project Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-38337 1 Rswag Project 1 Rswag 2024-11-21 7.5 High
rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.