3 matches found
GHSA-23X4-M842-FMWF Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...
Design/Logic Flaw
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the system temporary...
CVE-2021-21363
CVE-2021-21363 affects swagger-codegen prior to 2.4.19, where Unix-like systems share a global temporary directory. A collocated user can observe the creation of a temporary subdirectory in the shared temp dir and racing to complete its creation enables local privilege escalation by potentially a...