Openapitools Openapi-Generator vulnerabilities
4 known vulnerabilities affecting openapitools/openapi-generator.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH2MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2024-35219P1HIGHCVSS 8.3ExploitedPoCfixed in 7.6.02024-05-27
CVE-2024-35219 [HIGH] CWE-22 CVE-2024-35219: OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, document
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when
nvd
CVE-2021-21428P4HIGHCVSS 7.0fixed in 5.1.02021-05-10
CVE-2021-21428 [HIGH] CWE-269 CVE-2021-21428: Openapi generator is a java tool which allows generation of API client libraries (SDK generation), s
Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation process. The insecure temporary folders store the auto-gene
nvd
CVE-2021-21430P4MEDIUMCVSS 5.5fixed in 5.1.02021-05-10
CVE-2021-21430 [MEDIUM] CWE-269 CVE-2021-21430: OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, document
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Sca
nvd
CVE-2021-21429P4LOWCVSS 3.3fixed in 5.1.02021-04-27
CVE-2021-21429 [LOW] CWE-552 CVE-2021-21429: OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configu
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. OpenAPI Generator maven plug-in creates insecure t
nvd