Swagger's code generators and parsers forgot the core tenet of software development, which is never to trust user input. The popular open source API framework Swagger lets developers describe, produce, ...
Researchers at Rapid7 found a vulnerability in the Swagger Code Generator that could execute arbitrary code embedded in a Swagger document. An unexpected behavior in a relatively new and popular open ...