openapi_python_client is vulnerable to arbitrary code execution. An attacker can execute arbitrary code on the client by supplying a malicious OpenAPI document, because the document's contents are not sanitized or validated.
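The sanitization and validation the description refers to, sketched as an added example (not code from openapi-python-client or its fix): every document value is reduced to an identifier or an escaped literal before it is written into source, and the rendered text is checked with `ast` without being executed. The helper names, the model layout and the sample schema are assumptions made for illustration.

```python
import ast
import keyword
import re

def to_identifier(raw, prefix="field_"):
    """Reduce document text to a plain Python identifier (hypothetical helper)."""
    name = re.sub(r"[^0-9A-Za-z_]", "_", str(raw)).strip("_")
    if not name or name[0].isdigit() or keyword.iskeyword(name):
        name = prefix + name
    return name

def to_literal(value):
    """Emit a JSON scalar as a Python literal; repr() escapes quotes and newlines."""
    if value is not None and not isinstance(value, (str, int, float, bool)):
        raise TypeError(f"unsupported default type: {type(value).__name__}")
    return repr(value)

def render_model(schema_name, schema):
    """Render one model class, passing every document value through a sanitizer."""
    lines = [f"class {to_identifier(schema_name, 'Model_')}:",
             f"    __doc__ = {to_literal(str(schema.get('description', '')))}"]
    for prop, spec in schema.get("properties", {}).items():
        lines.append(f"    {to_identifier(prop)} = {to_literal(spec.get('default'))}")
    return "\n".join(lines) + "\n"

def validate_model_source(source):
    """Accept only a single bare class whose body is `name = <literal>` lines."""
    try:
        tree = ast.parse(source)
    except (SyntaxError, ValueError):
        return False
    if len(tree.body) != 1 or not isinstance(tree.body[0], ast.ClassDef):
        return False
    cls = tree.body[0]
    if cls.bases or cls.keywords or cls.decorator_list:
        return False
    for stmt in cls.body:
        if not (isinstance(stmt, ast.Assign) and len(stmt.targets) == 1
                and isinstance(stmt.targets[0], ast.Name)):
            return False
        try:
            ast.literal_eval(stmt.value)  # rejects calls, names, attribute access
        except (ValueError, TypeError):
            return False
    return True

# Constructed sample schema with awkward names and text (not from the advisory).
SAMPLE = {"description": 'A "pet"\nrecord', "properties": {
    "class": {"default": "x'y"}, "2nd-name": {"default": None}, "age": {"default": -1}}}
```

Running `validate_model_source(render_model("Pet Record", SAMPLE))` returns `True`, while source with an extra top-level statement or a call in an assignment is rejected.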
Name | Operator | Version |
---|---|---|
openapi-python-client | eq | 0.3.0 |
openapi-python-client | le | 0.5.2 |
github.com/advisories/GHSA-9x4c-63pf-525f
github.com/triaxtec/openapi-python-client/blob/main/CHANGELOG.md#053---2020-08-13
github.com/triaxtec/openapi-python-client/commit/f7a56aae32cba823a77a84a1f10400799b19c19a
github.com/triaxtec/openapi-python-client/security/advisories/GHSA-9x4c-63pf-525f
pypi.org/project/openapi-python-client/