CVE-2023-27162
on github
Published
Severity
CVSS v3:
9.1 CRITICAL
CVSS v2:
N/A
Description
openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:* | n/a | 6.4.0 (including) | * |