diff --git a/modules/swagger-codegen-cli/src/main/java/io/swagger/codegen/v3/cli/SwaggerCodegen.java b/modules/swagger-codegen-cli/src/main/java/io/swagger/codegen/v3/cli/SwaggerCodegen.java
index e4d0a57d958..a9d6233db70 100644
--- a/modules/swagger-codegen-cli/src/main/java/io/swagger/codegen/v3/cli/SwaggerCodegen.java
+++ b/modules/swagger-codegen-cli/src/main/java/io/swagger/codegen/v3/cli/SwaggerCodegen.java
@@ -9,6 +9,7 @@
 import io.swagger.v3.oas.models.media.BooleanSchema;
 import io.swagger.v3.oas.models.media.Schema;
 import io.swagger.v3.parser.OpenAPIV3Parser;
+import io.swagger.v3.parser.core.models.ParseOptions;
 import net.sourceforge.argparse4j.ArgumentParsers;
 import net.sourceforge.argparse4j.inf.Argument;
 import net.sourceforge.argparse4j.inf.ArgumentParser;
@@ -21,10 +22,7 @@
 import org.slf4j.LoggerFactory;
 
 import java.lang.reflect.InvocationTargetException;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 import java.util.stream.Collectors;
 
 /**
@@ -46,7 +44,25 @@ public static void main(String[] args) {
             LOGGER.error("Could not load resource file.");
             return;
         }
-        final OpenAPI openAPI = new OpenAPIV3Parser().readContents(oas3, null, null).getOpenAPI();
+
+        ParseOptions parseOptions = null;
+
+        if (System.getenv("SAFELY_RESOLVE_URL").equals("true")) {
+            List<String> allowList = Optional.ofNullable(System.getenv("REMOTE_REF_ALLOW_LIST"))
+                    .map(str -> Arrays.asList(str.split(",")))
+                    .orElseGet(Collections::emptyList);
+
+            List<String> blockList = Optional.ofNullable(System.getenv("REMOTE_REF_BLOCK_LIST"))
+                    .map(str -> Arrays.asList(str.split(",")))
+                    .orElseGet(Collections::emptyList);
+
+            parseOptions = new ParseOptions();
+            parseOptions.setSafelyResolveURL(true);
+            parseOptions.setRemoteRefAllowList(allowList);
+            parseOptions.setRemoteRefBlockList(blockList);
+        }
+
+        final OpenAPI openAPI = new OpenAPIV3Parser().readContents(oas3, null, parseOptions).getOpenAPI();
         final Map<String, Schema> schemaMap = openAPI.getComponents().getSchemas();
         final Set<String> schemaNames = schemaMap.keySet();
 
diff --git a/pom.docker.xml b/pom.docker.xml
index f1dda307100..d0c300eaf67 100644
--- a/pom.docker.xml
+++ b/pom.docker.xml
@@ -1116,7 +1116,7 @@
         <swagger-codegen-generators-version>1.0.40-SNAPSHOT</swagger-codegen-generators-version>
         <swagger-core-version>2.2.9</swagger-core-version>
         <swagger-core-version-v1>1.6.10</swagger-core-version-v1>
-        <swagger-parser-version>2.1.13</swagger-parser-version>
+        <swagger-parser-version>2.1.14-SNAPSHOT</swagger-parser-version>
         <swagger-parser-version-v1>1.0.65</swagger-parser-version-v1>
         <jackson-version>2.14.2</jackson-version>
         <jackson-databind-version>2.14.2</jackson-databind-version>
diff --git a/pom.xml b/pom.xml
index b64f2e0427c..9fc05cb0e4e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1217,7 +1217,7 @@
         <swagger-codegen-generators-version>1.0.40-SNAPSHOT</swagger-codegen-generators-version>
         <swagger-core-version>2.2.9</swagger-core-version>
         <swagger-core-version-v1>1.6.10</swagger-core-version-v1>
-        <swagger-parser-version>2.1.13</swagger-parser-version>
+        <swagger-parser-version>2.1.14-SNAPSHOT</swagger-parser-version>
         <swagger-parser-version-v1>1.0.65</swagger-parser-version-v1>
         <jackson-version>2.14.2</jackson-version>
         <jackson-databind-version>2.14.2</jackson-databind-version>