Insecure Temporary File And Folder

2021-05-1107:28:45

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

openapi-generator-online

insecure file

temporary folder

files.createtempfile

auto-generated files

system security

EPSS

0.001

Percentile

17.8%

JSON

openapi-generator-online uses insecure temporary file and folder. The usage of Files.createTempFile to create temporary files and folders allows auto-generated files to be read and modified by any user on the system.

References

github.com/OpenAPITools/openapi-generator/pull/8788

github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-23x4-m842-fmwf

EPSS

0.001

Percentile

17.8%

JSON

Related for VERACODE:30417