Security
Headlines

Headlines Latest CVEs

Headline

GHSA-wg4w-5m5r-w3p8: OpenAPI Generator vulnerable to Server-Side Request Forgery

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.

1 year ago

#vulnerability #git #ssrf

OpenAPI Generator vulnerable to Server-Side Request Forgery

Moderate severity GitHub Reviewed Published Mar 31, 2023 to the GitHub Advisory Database • Updated Mar 31, 2023

Related news

CVE-2023-27162: openapi-generator API SSRF details - CodiMD

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.

1 year ago

#sql #vulnerability #web #mac #nginx #ssrf #auth

ghsa: Latest News

GHSA-c7xm-rwqj-pgcj: LimeSurvey Cross Site Scripting vulnerability

10 hours ago

GHSA-74q2-6jp4-3rqq: Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name

10 hours ago

GHSA-632q-77qj-c89q: LimeSurvey Cross Site Scripting vulnerability

10 hours ago

GHSA-6hwr-6v2f-3m88: XXE in PHPSpreadsheet's XLSX reader

12 hours ago

GHSA-r8w8-74ww-j4wh: PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks

12 hours ago