CVE-2021-21429
- Source
- https://cve.org/CVERecord?id=CVE-2021-21429
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21429.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-21429
- Aliases
- Related
- Published
- 2021-04-27T20:15:08.763Z
- Modified
- 2026-03-13T22:15:45.890071Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using
File.createTempFilein JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. OpenAPI Generator maven plug-in creates insecure temporary files during the process. The issue has been patched withFiles.createTempFileand released in the v5.1.0 stable version. - References
Affected packages
Git / github.com/openapitools/openapi-generator
Affected versions
2.*
2.0.17
swagger-codegen_2.*
swagger-codegen_2.9.1-1.1
swagger-codegen_2.9.1-2.0.0
swagger-codegen_2.9.1-2.0.1
v2.*
v2.0.13
v2.0.18
v2.1.0-M1
v2.1.0-M2
v2.1.1-M1
v2.1.2
v2.1.2-M1
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.3.0
v2.3.1
v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.1.0
v3.1.1
v3.1.2
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.3.4
v4.*
v4.0.0
v4.0.0-beta2
v4.0.0-beta3
v4.0.1
v4.0.2
v4.0.3
v4.1.0
v4.1.1
v4.1.2
v4.1.3
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.3.0
v4.3.1
v5.*
v5.0.0
v5.0.0-beta
v5.0.0-beta2
v5.0.0-beta3
v5.0.1