CVE-2017-1000207 PoC — Swagger Parser和Swagger codegen 安全漏洞

Source

https://github.com/andikahilmy/CVE-2017-1000207-swagger-parser-vulnerable

Associated Vulnerability

Title:Swagger Parser和Swagger codegen 安全漏洞 (CVE-2017-1000207)
Description:Swagger Parser是一个Swagger（跨语言REST API接口）解析器。Swagger codegen是一款API开发工具。 Swagger Parser 1.0.30及之前的版本和Swagger codegen 2.2.2及之前的版本中的yaml解析功能存在安全漏洞。攻击者可借助恶意制作的yaml Open-API规范利用该漏洞执行任意代码。

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-1000207 PoC — Swagger Parser和Swagger codegen 安全漏洞

Source

Associated Vulnerability

File Snapshot

Remarks