Security
Headlines

Headlines Latest CVEs

Headline

GHSA-wg4w-5m5r-w3p8: OpenAPI Generator vulnerable to Server-Side Request Forgery

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.

1 year ago

#vulnerability #git #ssrf

OpenAPI Generator vulnerable to Server-Side Request Forgery

Moderate severity GitHub Reviewed Published Mar 31, 2023 to the GitHub Advisory Database • Updated Mar 31, 2023

Related news

CVE-2023-27162: openapi-generator API SSRF details - CodiMD

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.

1 year ago

#sql #vulnerability #web #mac #nginx #ssrf #auth

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution

1 day ago

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

1 day ago

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

1 day ago

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

1 day ago

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

1 day ago