I created this issue to let you know that prior to 14.0.0, the package @apidevtools/json-schema-ref-parser is vulnerable to Server-Side Request Forgery (SSRF) due to the default schema resolver, which can potentially fetch requests from tainted URLs without further validation. An attacker could exploit this by submitting a malicious schema with $ref pointing to localhost, internal APIs, or cloud metadata services, potentially bypassing network controls and accessing sensitive data.
I added this issue here because this package is a fork, so I don't know if there is something you can do about it.
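
As an added example (not part of the original issue and not the package's own code), the check below audits an untrusted schema before any resolver sees it: it lists every `$ref` and accepts only local pointers or https URLs on an allowlist. The function names, the allowlisted host and the sample schema are constructed for illustration.

```javascript
// Constructed sample: one local ref and three external refs.
const sampleSchema = {
  properties: {
    a: { $ref: "#/definitions/a" },
    b: { $ref: "http://localhost:8080/admin.json" },
    c: { $ref: "http://169.254.169.254/latest/meta-data/" },
    d: { $ref: "https://schemas.example.com/d.json#/x" },
  },
  definitions: { a: { type: "string" } },
};

// Hypothetical policy: only these hosts may serve external schemas.
const ALLOWED_HOSTS = new Set(["schemas.example.com"]);

// Walk the whole document and collect every string-valued $ref.
function collectRefs(node, out = []) {
  if (Array.isArray(node)) node.forEach((n) => collectRefs(n, out));
  else if (node && typeof node === "object") {
    for (const [key, value] of Object.entries(node)) {
      if (key === "$ref" && typeof value === "string") out.push(value);
      else collectRefs(value, out);
    }
  }
  return out;
}

// Classify one $ref. Anything that is not provably safe is rejected.
function checkRef(ref) {
  if (ref.startsWith("#")) return { ref, ok: true, reason: "local pointer" };
  let url;
  try { url = new URL(ref); } catch {
    // Relative refs depend on a base URL we do not control here.
    return { ref, ok: false, reason: "relative or unparsable" };
  }
  // The URL parser normalises IPv4 forms (hex, short) to dotted decimal.
  const host = url.hostname.toLowerCase();
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host) || host.startsWith("["))
    return { ref, ok: false, reason: "IP literal" };
  if (url.protocol !== "https:") return { ref, ok: false, reason: "scheme not https" };
  if (!ALLOWED_HOSTS.has(host)) return { ref, ok: false, reason: "host not allowlisted" };
  return { ref, ok: true, reason: "allowlisted host" };
}

function auditSchema(schema) {
  return collectRefs(schema).map(checkRef);
}
```

This inspects only the `$ref` strings in the submitted document; redirects and the addresses a hostname resolves to still have to be restricted where the fetch is made.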