5 matches found
GHSA-CQXR-XF2W-943W Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code
Impact This vulnerability impacts generated code. If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually! On Unix-Like systems, the system temporary directory is shared between all local users. When...
Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code
Impact This vulnerability impacts generated code. If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually! On Unix-Like systems, the system temporary directory is shared between all local users. When...
ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +195 more potentially affected by CVE-2021-21364 via io.swagger:swagger-codegen (>=2.1.1 <=2.4.18)
io.swagger:swagger-codegen MAVEN version =2.1.1, =0.0.2, =0.0.2, =0.1-1, =1.1, =0.1.13, =1.0.1, =1.1, =1.3, =0.12, =1.1.6, =1.1.7 and more Source cves: CVE-2021-21364 Source advisory: OSV:GHSA-HPV8-9RQ5-HQ7W...
CVE-2021-21363 Generator Web Application: Local Privilege Escalation Vulnerability via System Temp Directory
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix like systems, the system's temporary...
CVE-2021-21364
CVE-2021-21364 affects the open-source project swagger-codegen. On Unix-like systems, prior to version 2.4.19, a shared system temporary directory allows a local attacker to observe or exploit the creation of temporary files/directories with default permissions, enabling potential data exposure o...