Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:29675
HistoryMar 12, 2021 - 2:05 a.m.

Privilege Escalation

2021-03-1202:05:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
vulnerability
swagger-generator
privilege escalation
file.createtempfile
attacker
execution of code
software

EPSS

0

Percentile

15.6%

swagger-generator is vulnerable to privilege escalation. The use of method File.createTempFile allows an attacker to append the contents of the outputFolder, thereby leading to an execution of attacker controlled code if the code is written to this directory.

EPSS

0

Percentile

15.6%

Related for VERACODE:29675