[SECURITY] Fedora 34 Update: python-fastapi-0.65.1-2.fc34

FastAPI is a modern, fast high-performance, web framework for building AP Is with Python 3.6+ based on standard Python type hints. The key features are: =EF=BF=BD=EF=BF=BD=EF=BF=BD Fast: Very high performance, on par with Node JS and Go thanks to Starlette and Pydantic. One of the fastest Python...

Insecure Temporary File And Folder

openapi-generator-online uses insecure temporary file and folder. The usage of Files.createTempFile to create temporary files and folders allows auto-generated files to be read and modified by any user on the system...

GHSA-CQXR-XF2W-943W Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code

Impact This vulnerability impacts generated code. If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually! On Unix-Like systems, the system temporary directory is shared between all local users. When...

app.keyconnect.api:keyconnect-api (=1.0.0), app.keyconnect:keyconnect-rippled-api (=1.0.0) +127 more potentially affected by CVE-2021-21430 via org.openapitools:openapi-generator (>=3.0.0 <=5.0.1)

org.openapitools:openapi-generator MAVEN version =3.0.0, =4.1, =4.1, =0.1.0.0, =0.1.0.0, =0.1.0.0, =0.4.0, =0.1.0.0, =0.1.3, =1.1, =0.4.0, =0.5.1, =0.4.0, =0.4.0, =0.5.3 and more Source cves: CVE-2021-21430 Source advisory: OSV:GHSA-CQXR-XF2W-943W...

Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code

Impact This vulnerability impacts generated code. If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually! On Unix-Like systems, the system temporary directory is shared between all local users. When...

Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...

CVE-2021-21430

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data...

CVE-2021-21430

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data...

Design/Logic Flaw

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data...

CVE-2021-21430 Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data...

CVE-2021-21430

OpenAPI Generator contains a vulnerability where code generated for Java/Scala performs insecure temporary file creation via File.createTempFile, risking exposure of application/data when handling binary uploads/downloads. Affected generators include Java (jersey2, okhttp-gson default) and scala-...

CVE-2021-21428

Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...

CVE-2021-21428

Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...

Design/Logic Flaw

Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...

CVE-2021-21428

CVE-2021-21428 affects the OpenAPI Generator project. The issue originates in the openapi-generator-online component, where temporary folders/files were created using File.createTempFile, allowing other users on the same system to read and potentially modify the auto-generated files. Root cause d...

CVE-2021-21428 Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...

Openapi generator 安全漏洞

openapi-generator is a software application. It provides an open API interface. A security vulnerability exists in Openapi generator. The vulnerability arises when the program creates insecure temporary directories that can be read and appended by any user on the system...

PT-2021-14500 · Unknown · Openapi-Generator-Online

Name of the Vulnerable Software and Affected Versions: openapi-generator-online versions prior to 5.1.0 Description: The openapi-generator-online tool creates insecure temporary folders during the code generation process, allowing any user on the system to read and append to the auto-generated...

PT-2021-14502 · Unknown · Openapi Generator

Name of the Vulnerable Software and Affected Versions: OpenAPI Generator versions prior to 5.1.0 Description: The issue arises from the use of the JDK method File.createTempFile, which creates insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generate...

OpenAPI Tools OpenAPI Generator 安全漏洞

OpenAPI Tools OpenAPI Generator is an OpenAPI generator. The product allows automatic generation of API client libraries SDK generation, server stubs, documentation, configuration, etc. for a given OpenAPI specification v2, v3. A security vulnerability exists in Openapi generator. The vulnerabili...