Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.swagger/swagger-codegen@2.2.2
purl pkg:maven/io.swagger/swagger-codegen@2.2.2
Next non-vulnerable version 2.4.19
Latest non-vulnerable version 2.4.19
Risk 4.2
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-3a63-nqfg-37bj
Aliases:
CVE-2017-1000208
GHSA-q7pf-qr96-2vq5
Deserialization of Untrusted Data A vulnerability in this package can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
2.2.3
Affected by 2 other vulnerabilities.
VCID-dxk2-njnw-kqfm
Aliases:
CVE-2021-21364
GHSA-hpv8-9rq5-hq7w
Information Exposure swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition.
2.4.19
Affected by 0 other vulnerabilities.
VCID-zuev-8cnn-9kh3
Aliases:
CVE-2021-21363
GHSA-pc22-3g76-gm6j
Creation of Temporary File With Insecure Permissions swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition.
2.4.19
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-3a63-nqfg-37bj Deserialization of Untrusted Data A vulnerability in this package can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. CVE-2017-1000208
GHSA-q7pf-qr96-2vq5
VCID-rz6y-9cgd-ska5 Deserialization of Untrusted Data A vulnerability in this package can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. CVE-2017-1000207
GHSA-vgvf-9jh3-fg75

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-05T21:07:29.295781+00:00 GHSA Importer Fixing VCID-3a63-nqfg-37bj https://github.com/advisories/GHSA-q7pf-qr96-2vq5 38.6.0
2026-06-05T21:07:29.068274+00:00 GHSA Importer Fixing VCID-rz6y-9cgd-ska5 https://github.com/advisories/GHSA-vgvf-9jh3-fg75 38.6.0
2026-06-04T20:46:08.598847+00:00 GitLab Importer Affected by VCID-dxk2-njnw-kqfm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.swagger/swagger-codegen/CVE-2021-21364.yml 38.6.0
2026-06-04T20:46:07.439179+00:00 GitLab Importer Affected by VCID-zuev-8cnn-9kh3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.swagger/swagger-codegen/CVE-2021-21363.yml 38.6.0
2026-06-04T17:38:41.292984+00:00 GithubOSV Importer Fixing VCID-rz6y-9cgd-ska5 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-vgvf-9jh3-fg75/GHSA-vgvf-9jh3-fg75.json 38.6.0
2026-06-04T17:38:35.973307+00:00 GithubOSV Importer Fixing VCID-3a63-nqfg-37bj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-q7pf-qr96-2vq5/GHSA-q7pf-qr96-2vq5.json 38.6.0
2026-06-02T04:38:32.484960+00:00 GitLab Importer Fixing VCID-rz6y-9cgd-ska5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.swagger/swagger-codegen/CVE-2017-1000207.yml 38.6.0
2026-06-02T04:38:32.233175+00:00 GitLab Importer Affected by VCID-3a63-nqfg-37bj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.swagger/swagger-codegen/CVE-2017-1000208.yml 38.6.0