Vulnerabilities > Openapi Generator

DATE CVE VULNERABILITY TITLE RISK
2023-03-31 CVE-2023-27162 Server-Side Request Forgery (SSRF) vulnerability in Openapi-Generator Openapi Generator
openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}.
network
low complexity
openapi-generator CWE-918
critical
9.1
2021-05-10 CVE-2021-21430 Exposure of Resource to Wrong Sphere vulnerability in Openapi-Generator Openapi Generator
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec.
local
low complexity
openapi-generator CWE-668
5.5
2021-05-10 CVE-2021-21428 Exposure of Resource to Wrong Sphere vulnerability in Openapi-Generator Openapi Generator
Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec.
local
high complexity
openapi-generator CWE-668
7.0
2021-04-27 CVE-2021-21429 Unspecified vulnerability in Openapi-Generator Openapi Generator
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec.
local
low complexity
openapi-generator
3.3
2019-04-22 CVE-2019-11405 Missing Encryption of Sensitive Data vulnerability in Openapi-Generator Openapi Generator
OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses http:// URLs in various build.gradle, build.gradle.mustache, and build.sbt files, which may have caused insecurely resolved dependencies.
network
high complexity
openapi-generator CWE-311
7.4