{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T19:37:02.560","vulnerabilities":[{"cve":{"id":"CVE-2022-24863","sourceIdentifier":"security-advisories@github.com","published":"2022-04-18T19:15:09.837","lastModified":"2024-11-21T06:51:15.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"http-swagger is an open source wrapper to automatically generate RESTful API documentation with Swagger 2.0. In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down to improper handling of http methods. Users are advised to upgrade. Users unable to upgrade may to restrict the path prefix to the \"GET\" method as a workaround."},{"lang":"es","value":"http-swagger es un wrapper de código abierto para generar automáticamente la documentación de la API RESTful con Swagger versión  2.0. En versiones de http-swagger anteriores a 1.2.6 un atacante puede llevar a cabo un ataque de denegación de servicio consistente en el agotamiento de la memoria del sistema anfitrión. La causa del agotamiento de la memoria es debido al manejo inapropiado de los métodos http. Es recomendado a usuarios actualizar. Los usuarios que no puedan actualizar pueden restringir el prefijo de la ruta al método \"GET\" como medida de mitigación"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:http-swagger_project:http-swagger:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.6","matchCriteriaId":"05C10F2A-841B-4895-99F9-D7D9DB08F50B"}]}]}],"references":[{"url":"https://github.com/swaggo/http-swagger/commit/b7d83e8fba85a7a51aa7e45e8244b4173f15049e","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/pull/62","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/releases/tag/v1.2.6","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/security/advisories/GHSA-xg75-q3q5-cqmv","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/commit/b7d83e8fba85a7a51aa7e45e8244b4173f15049e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/pull/62","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/releases/tag/v1.2.6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/swaggo/http-swagger/security/advisories/GHSA-xg75-q3q5-cqmv","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}