CVE-2021-21430 - OpenCVE

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Openapi-generator	Openapi Generator

Configuration 1 [-]

cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/OpenAPITools/openapi-generator/pull/8787
https://github.com/OpenAPITools/openapi-generator/pull/8791
https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-05-10T19:25:12

Updated: 2024-08-03T18:09:16.157Z

Reserved: 2020-12-22T00:00:00

Link: CVE-2021-21430

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-05-10T20:15:07.840

Modified: 2022-10-24T20:46:45.157

Link: CVE-2021-21430

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "openapi-generator", "vendor": "OpenAPITools", "versions": [{"status": "affected", "version": "< 5.1.0"}]}], "descriptions": [{"lang": "en", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-10T19:25:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}], "source": {"advisory": "GHSA-cqxr-xf2w-943w", "discovery": "UNKNOWN"}, "title": "Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-21430", "STATE": "PUBLIC", "TITLE": "Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "openapi-generator", "version": {"version_data": [{"version_value": "< 5.1.0"}]}}]}, "vendor_name": "OpenAPITools"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269: Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w", "refsource": "CONFIRM", "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"name": "https://github.com/OpenAPITools/openapi-generator/pull/8791", "refsource": "MISC", "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"name": "https://github.com/OpenAPITools/openapi-generator/pull/8787", "refsource": "MISC", "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}]}, "source": {"advisory": "GHSA-cqxr-xf2w-943w", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:09:16.157Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-21430", "datePublished": "2021-05-10T19:25:12", "dateReserved": "2020-12-22T00:00:00", "dateUpdated": "2024-08-03T18:09:16.157Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F00E0479-8B4E-4665-B09B-096E44C97DC2", "versionEndExcluding": "5.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}, {"lang": "es", "value": "OpenAPI Generator permite la generaci\u00f3n de bibliotecas de cliente API (generaci\u00f3n de SDK), stubs de servidor, documentaci\u00f3n y configuraci\u00f3n de forma autom\u00e1tica dada una especificaci\u00f3n de OpenAPI. El uso de \"File.createTempFile\" en JDK dar\u00e1 como resultado la creaci\u00f3n y el uso de archivos temporales no seguros que pueden dejar la aplicaci\u00f3n y los datos del sistema vulnerables a los ataques. El c\u00f3digo generado autom\u00e1ticamente (Java, Scala) que se ocupa de cargar o descargar datos binarios por medio de los endpoints de la API crear\u00e1 archivos temporales no seguros durante el proceso. Generadores afectados: \"java\" (jersey2, okhttp-gson (biblioteca predeterminada)),\"scala-finch\". El problema se corrigi\u00f3 con \"Files.createTempFile\" y se lanz\u00f3 en la versi\u00f3n estable v5.1.0"}], "id": "CVE-2021-21430", "lastModified": "2022-10-24T20:46:45.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-05-10T20:15:07.840", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "security-advisories@github.com", "type": "Secondary"}]}