Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

CNVD
CNVDadded 2017/11/29 12:0 a.m.2 views

Swagger Parser and Swagger codegen arbitrary code execution vulnerability

Swagger Parser is a Swagger cross-language REST API interface parser. swagger codegen is an API development tool. An arbitrary code execution vulnerability exists in the yaml parsing feature in Swagger Parser 1.0.30 and earlier and Swagger codegen 2.2.2 and earlier. An attacker can exploit this...

8.8CVSS8.2AI score0.00423EPSS
Exploits0References1
OSV
OSVadded 2017/11/27 3:29 p.m.1 views

CVE-2017-1000207

A vulnerability in Swagger-Parser's version = 1.0.30 and Swagger codegen version = 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in...

8.8CVSS6AI score0.00463EPSS
Exploits0References2
Prion
Prionadded 2017/11/27 3:29 p.m.16 views

Design/Logic Flaw

A vulnerability in Swagger-Parser's version = 1.0.30 and Swagger codegen version = 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in...

6.8CVSS8.9AI score0.00463EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2017/11/27 3:0 p.m.75 views

CVE-2017-1000207

CVE-2017-1000207 concerns a vulnerability in Swagger-Parser (<= 1.0.30) and Swagger Codegen (

8.8CVSS8.9AI score0.00423EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2017/11/27 3:0 p.m.13 views

CVE-2017-1000207

A vulnerability in Swagger-Parser's version = 1.0.30 and Swagger codegen version = 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in...

8.9AI score0.00423EPSS
Exploits0References2
CNVD
CNVDadded 2017/11/25 12:0 a.m.2 views

Swagger-Parser's and swagger-codegen Arbitrary Code Execution Vulnerabilities

Swagger-Parser's is a Swagger cross-language REST API interface parser. swagger-codegen is an API development tool. A security vulnerability exists in Swagger-Parser's 1.0.30 and earlier and swagger-codegen 2.2.2 and earlier. An attacker can exploit the vulnerability to execute arbitrary code...

8.8CVSS7.4AI score0.00463EPSS
Exploits0References1
NVD
NVDadded 2017/11/17 2:29 a.m.6 views

CVE-2017-1000208

A vulnerability in Swagger-Parser's version = 1.0.30 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen = 2.2.2 and can lead to...

8.8CVSS8.9AI score0.00463EPSS
Exploits0References2
Prion
Prionadded 2017/11/17 2:29 a.m.14 views

Design/Logic Flaw

A vulnerability in Swagger-Parser's version = 1.0.30 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen = 2.2.2 and can lead to...

6.8CVSS8.9AI score0.00463EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder