Vulnerabilities > Swagger

DATE CVE VULNERABILITY TITLE RISK
2017-11-27 CVE-2017-1000207 Deserialization of Untrusted Data vulnerability in Swagger Swagger-Codegen and Swagger-Parser
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed.
network
low complexity
swagger CWE-502
8.8
2017-11-17 CVE-2017-1000208 Deserialization of Untrusted Data vulnerability in Swagger Swagger-Codegen and Swagger-Parser
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed.
network
low complexity
swagger CWE-502
8.8