openapi-generator is vulnerable to man-in-the-middle attacks. Resolved dependencies in build.gradle
, build.gradle.mustache
and build.sbt
are performed over an unencrypted HTTP channel, which would allow a remote attacker to intercept and modify network traffic during the installation of dependencies.