Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openapi-generator openapi generator vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2023-27162
openapi-generator up to v6.4.0 exists to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows malicious users to access network resources and sensitive information via a crafted API request.
Openapi-generator Openapi Generator
1 Github repository
7.4
CVSSv3
CVE-2019-11405
OpenAPI Tools OpenAPI Generator prior to 4.0.0-20190419.052012-560 uses http:// URLs in various build.gradle, build.gradle.mustache, and build.sbt files, which may have caused insecurely resolved dependencies.
Openapi-generator Openapi Generator
7
CVSSv3
CVE-2021-21428
Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the co...
Openapi-generator Openapi Generator
5.5
CVSSv3
CVE-2021-21430
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave applicatio...
Openapi-generator Openapi Generator
3.3
CVSSv3
CVE-2021-21429
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started