CVE-2021-21430
OpenAPI Generator contains a vulnerability where code generated for Java/Scala performs insecure temporary file creation via File.createTempFile, risking exposure of application/data when handling binary uploads/downloads. Affected generators include Java (jersey2, okhttp-gson default) and scala-...
CVE-2021-21428
CVE-2021-21428 affects the OpenAPI Generator project. The issue originates in the openapi-generator-online component, where temporary folders/files were created using File.createTempFile, allowing other users on the same system to read and potentially modify the auto-generated files. Root cause d...
CVE-2021-21429
OpenAPI Generator (Maven plugin) was vulnerable due to using File.createTempFile in the JDK, which could cause insecure temporary files and potential disclosure of the OpenAPI spec contents to other local users. The affected artifact is the OpenAPI Generator Maven plugin; root cause is insecure h...
CVE-2019-11405
CVE-2019-11405 affects OpenAPI Tools OpenAPI Generator prior to 4.0.0-20190419.052012-560. The described vulnerability arises because the project uses http:// URLs in build.gradle, build.gradle.mustache, and build.sbt files, enabling insecurely resolved dependencies. This exposes potential Man-in...