CNNVD-202509-3932 Information
CNNVD ID
CNNVD-202509-3932
Related CVE
- CNNVD Published: 2025-09-25
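Description (translated from Chinese)
Swagger Petstore Sample is a sample pet store system open-sourced by Swagger. Swagger Petstore Sample version 1.0.7 contains a security vulnerability. The vulnerability stems from the DELETE endpoint not properly validating input, which may lead to remote code execution.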
Description (English)
Swagger Petstore Sample is a sample pet store system open-sourced by Swagger. Version 1.0.7 of Swagger Petstore Sample contains a security vulnerability that stems from improper validation of input to the DELETE endpoint, which may result in remote code execution.
Hazard Level
High
Vulnerability Type
Other
Affected Vendor
Swagger
Published
2025-09-25
Last Modified
2026-02-24
References
https://gist.github.com/HouqiyuA/4efd1aac7c7c7ab0cd5db48d62541a74
https://github.com/swagger-api/swagger-petstore
https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml
https://access.redhat.com/security/cve/cve-2025-29155
Patch
https://github.com/swagger-api/swagger-petstore/releases