Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Swagger-Parser和swagger-codegen 安全漏洞
Vulnerability Description
Swagger-Parser是一个Swagger(跨语言REST API接口)解析器。swagger-codegen是一款API开发工具。 Swagger-Parser 1.0.30及之前的版本和swagger-codegen 2.2.2及之前的版本中存在安全漏洞。攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A