CVE advisoryCRITICAL
CVE-2023-27162
OpenAPI Generator SSRF Vulnerability Affecting Client Generation
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A critical Server-Side Request Forgery vulnerability in openapi-generator allows unauthenticated attackers to access network resources and sensitive information via a crafted API request to the `/api/gen/clients/{language}` component. This could lead to unauthorized access to internal systems and data.