datamodel-code-generator is vulnerable to Server-Side Request Forgery (SSRF)
75
High Risk
When datamodel-code-generator fetches remote schemas over HTTP(S), its SSRF guard resolves the hostname once but lets httpx perform a separate DNS lookup to connect, so a low-TTL rebinding hostname can pass validation with a public IP and connect to a private or link-local target. Before the fix, attacker-influenced remote $ref URLs or --url values could reach loopback, cloud metadata, and other internal services despite default private-network blocking. The patch pins the validated address set for the actual TCP connection so validation and connect use the same resolved IPs.
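The check-then-connect gap described above can be modelled without any network access. The following is an added example, not datamodel-code-generator's or httpx's code: the function names, the injectable `resolve` hook and the `ChangingResolver` stand-in are hypothetical, and the sample addresses are constructed.

```python
import ipaddress
import socket
from typing import Callable, List

Resolver = Callable[[str], List[str]]  # hypothetical hook: hostname -> IP strings


def system_resolver(host: str) -> List[str]:
    """One OS-level lookup; returns every address the name maps to."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def is_public(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    # Unwrap ::ffff:a.b.c.d so a mapped loopback/private address is not missed.
    mapped = getattr(addr, "ipv4_mapped", None)
    return (mapped or addr).is_global


def validate_and_pin(host: str, resolve: Resolver = system_resolver) -> List[str]:
    """Resolve once, reject the whole set if any address is non-public."""
    ips = resolve(host)
    blocked = [ip for ip in ips if not is_public(ip)]
    if not ips or blocked:
        raise ValueError(f"{host}: refused, non-public or empty answer {blocked}")
    return ips


def connect_target_unpinned(host: str, resolve: Resolver) -> str:
    """Pre-fix shape: validate, then let the client look the name up again."""
    validate_and_pin(host, resolve)
    return resolve(host)[0]  # second lookup: answer may differ from the checked one


def connect_target_pinned(host: str, resolve: Resolver) -> str:
    """Post-fix shape: dial only an address from the validated set."""
    return validate_and_pin(host, resolve)[0]


class ChangingResolver:
    """Constructed stand-in for a low-TTL name whose answer changes after one query."""
    def __init__(self) -> None:
        self.calls = 0

    def __call__(self, host: str) -> List[str]:
        self.calls += 1
        return ["93.184.216.34"] if self.calls == 1 else ["169.254.169.254"]
```

When a real client dials the pinned IP, it still has to send the original hostname in the Host header and TLS SNI so certificate validation and virtual hosting keep working.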
You are affected if you are using a version that falls within the vulnerable range.
datamodel-code-generator is vulnerable to Server-Side Request Forgery (SSRF) in versions 0.0.1 - 0.62.0.
Upgrade the datamodel-code-generator library to the patched version.