Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-21428
HistoryMay 10, 2021 - 7:15 p.m.

CVE-2021-21428

2021-05-1019:15:08
Google
osv.dev
14
openapi generator
api client libraries
server stubs
documentation
configuration
file.createtempfile
insecure temporary folders
code generation
security issue
patch
v5.1.0 stable version
software

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

17.8%

JSON

Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation process. The insecure temporary folders store the auto-generated files which can be read and appended to by any users on the system. The issue has been patched with Files.createTempFile and released in the v5.1.0 stable version.

Related

cve 1
prion 1
cvelist 1
veracode 1
nvd 1
github 1
osv 1
cve
cve
CVE-2021-21428
2021-05-10 19:15:08
prion
prion
Design/Logic Flaw
2021-05-10 19:15:00
cvelist
cvelist
CVE-2021-21428 Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
2021-05-10 18:50:12
veracode
veracode
Insecure Temporary File And Folder
2021-05-11 07:28:45
nvd
nvd
CVE-2021-21428
2021-05-10 19:15:08
github
github
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
2021-05-11 00:04:40
osv
osv
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
2021-05-11 00:04:40

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

17.8%

JSON
Related for OSV:CVE-2021-21428
cve1prion1cvelist1veracode1nvd1github1osv1