VYPR

Kin Openapi

by Getkin

Source repositories

CVEs (1)

  • CVE-2025-30153HigMar 19, 2025
    risk 0.42cvss 7.5epss 0.01

    kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available…