projectdiscovery / nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://docs.projectdiscovery.io/tools/nuclei
MIT License

Error Handling Circular References in OpenAPI 3.0 Schemas #5285

Open dimitriospapadimas opened 4 weeks ago

dimitriospapadimas commented 4 weeks ago

Nuclei version:

v3.2.7

Current Behavior:

When running nuclei with the command nuclei -l file.yaml -im openapi, I receive the following error:

Could not create runner: could not create input provider: could not parse input file: could not decode openapi 3.0 schema: kin-openapi bug found: circular schema reference not handled with length 9 - #/components/schemas/JsonObject -> #/components/schemas/JsonPrimitive -> #/components/schemas/JsonPrimitive -> #/components/schemas/JsonNull -> #/components/schemas/JsonObject -> #/components/schemas/JsonPrimitive -> #/components/schemas/JsonNull -> #/components/schemas/JsonNull -> #/components/schemas/JsonPrimitive

Expected Behavior:

I expected nuclei to parse the OpenAPI 3.0 schema successfully without encountering a circular schema reference error.

Steps To Reproduce:

  1. Run the command nuclei -l file.yaml -im openapi with nuclei version v3.2.7 against an OpenAPI with circular references.
  2. Observe the error message regarding the circular schema reference.

Anything else:

My team and I are very interested in developing a solution to this issue, as it is crucial for us to use nuclei with OpenAPI specifications that include circular references. Resolving this problem will greatly enhance our ability to perform vulnerability scans on complex API schemas.
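The error above comes from kin-openapi refusing to resolve a chain of $ref links that loops back on itself. Before handing a specification to nuclei, it is useful to know whether components/schemas contains such a loop and exactly which schemas form it. The following Go program is an added example written for this thread; it is not code from nuclei or kin-openapi. It reads an OpenAPI 3.0 document in JSON form, builds a graph of local "#/components/schemas/" references, and reports every cycle with a recursive three-colour depth-first search. The embedded document and the shape of its references are constructed for illustration (the schema names echo the ones in the reported error, but the real specification is not on this page).

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// openAPIDoc is a minimal view of an OpenAPI 3.0 document: for cycle
// detection only components.schemas matters, so everything else is ignored.
type openAPIDoc struct {
	Components struct {
		Schemas map[string]json.RawMessage `json:"schemas"`
	} `json:"components"`
}

const schemaRefPrefix = "#/components/schemas/"

// collectRefs walks an arbitrary decoded JSON value and records every local
// "$ref" that points into components/schemas, at any nesting depth.
func collectRefs(v interface{}, out map[string]bool) {
	switch t := v.(type) {
	case map[string]interface{}:
		for k, val := range t {
			if k == "$ref" {
				if s, ok := val.(string); ok && strings.HasPrefix(s, schemaRefPrefix) {
					out[strings.TrimPrefix(s, schemaRefPrefix)] = true
				}
				continue
			}
			collectRefs(val, out)
		}
	case []interface{}:
		for _, item := range t {
			collectRefs(item, out)
		}
	}
}

// BuildRefGraph returns, for each schema name, the sorted list of schema
// names it references directly.
func BuildRefGraph(doc []byte) (map[string][]string, error) {
	var parsed openAPIDoc
	if err := json.Unmarshal(doc, &parsed); err != nil {
		return nil, fmt.Errorf("decode openapi document: %w", err)
	}
	graph := make(map[string][]string, len(parsed.Components.Schemas))
	for name, raw := range parsed.Components.Schemas {
		var body interface{}
		if err := json.Unmarshal(raw, &body); err != nil {
			return nil, fmt.Errorf("decode schema %q: %w", name, err)
		}
		refs := map[string]bool{}
		collectRefs(body, refs)
		edges := make([]string, 0, len(refs))
		for r := range refs {
			edges = append(edges, r)
		}
		sort.Strings(edges)
		graph[name] = edges
	}
	return graph, nil
}

// FindCycles runs a three-colour DFS over the reference graph. Every back edge
// (an edge into a node still on the current path) is reported as the cycle it
// closes, written as the path from that node back to itself, e.g. A -> B -> A.
// A dangling $ref to a schema that does not exist is simply a leaf.
func FindCycles(graph map[string][]string) [][]string {
	const (
		white = iota // not visited yet (map default)
		grey         // on the current DFS path
		black        // fully explored
	)
	colour := map[string]int{}
	var stack []string
	var cycles [][]string

	var visit func(n string)
	visit = func(n string) {
		colour[n] = grey
		stack = append(stack, n)
		for _, m := range graph[n] {
			switch colour[m] {
			case white:
				visit(m)
			case grey:
				for i, s := range stack {
					if s == m {
						cycles = append(cycles, append(append([]string{}, stack[i:]...), m))
						break
					}
				}
			}
		}
		stack = stack[:len(stack)-1]
		colour[n] = black
	}

	// Visit in sorted order so the report is deterministic across runs.
	names := make([]string, 0, len(graph))
	for n := range graph {
		names = append(names, n)
	}
	sort.Strings(names)
	for _, n := range names {
		if colour[n] == white {
			visit(n)
		}
	}
	return cycles
}

// sampleDoc is a constructed OpenAPI 3.0 fragment (assumption, not the
// reporter's real specification) with one reference loop and one plain leaf.
const sampleDoc = `{
  "openapi": "3.0.0",
  "components": {
    "schemas": {
      "JsonObject": {"type": "object", "additionalProperties": {"$ref": "#/components/schemas/JsonPrimitive"}},
      "JsonPrimitive": {"oneOf": [{"type": "string"}, {"$ref": "#/components/schemas/JsonNull"}]},
      "JsonNull": {"type": "object", "properties": {"inner": {"$ref": "#/components/schemas/JsonObject"}}},
      "Leaf": {"type": "integer"}
    }
  }
}`

func main() {
	graph, err := BuildRefGraph([]byte(sampleDoc))
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, c := range FindCycles(graph) {
		fmt.Println("circular schema reference:", strings.Join(c, " -> "))
	}
}
```

Running it on the sample prints one line, "circular schema reference: JsonNull -> JsonObject -> JsonPrimitive -> JsonNull". Pointing the same check at a real specification (after converting YAML to JSON) tells you which schemas a fix in nuclei's OpenAPI input provider would need to cut or lazily resolve, and which specifications will keep failing until that lands.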

ehsandeep commented 4 weeks ago

Hi @dimitriospapadimas,

Thanks for sharing the issue with us; the fuzzing feature was introduced recently and has many possibilities for improvements and bug fixes like this!

Feel free to open a PR with a fix, and we will be happy to review and collaborate on it.