swagger-api/swagger-petstore

swagger-api/swagger-petstore

petstore.swagger.io

Releases39

Frequency1 month 3 weeks

Last Release 11 months ago

Stars309

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-29156 ↗	Sep 25, 2025Thursday, 25 September 2025, 19:15	6.1 MEDIUM	—
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet
CVE-2025-29157 ↗	Sep 25, 2025Thursday, 25 September 2025, 19:15	6.5 MEDIUM	—
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name (default) and server version
CVE-2025-29155 ↗	Sep 25, 2025Thursday, 25 September 2025, 18:15	6.5 MEDIUM	—
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint