swagger-generator is vulnerable to privilege escalation. The use of method File.createTempFile
allows an attacker to append the contents of the outputFolder
, thereby leading to an execution of attacker controlled code if the code is written to this directory.
CPE | Name | Operator | Version |
---|---|---|---|
swagger-generator | le | 2.4.18 | |
swagger-generator | le | 2.4.18 |