Description
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when submitting the request via the outputFolder option. The issue was fixed in version 7.6.0 by removing the usage of the outputFolder option. No known workarounds are available.
A flaw was found in OpenAPI Generator, a tool that automatically generates API client libraries (SDKs), server stubs, documentation and configuration from an OpenAPI Spec. The flaw allows an attacker to exploit a path traversal to read and delete files and folders from an arbitrary, writable directory, because anyone can set the output folder when submitting a request via the outputFolder option.
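The root cause described above is an output directory taken straight from the request. The following added example (not OpenAPI Generator's own code; the function names and the sample requests are constructed for illustration) shows the defensive check a generator service should apply before writing or cleaning up an output folder: the caller may only name a path relative to a fixed base, and after resolving `..` components and symlinks the result must still lie strictly inside that base.

```python
"""Contain a user-supplied output folder inside a fixed base directory.

Defensive pattern for code generators that let callers choose where
generated files land (the weak spot in the outputFolder option described
above). Added illustration; not OpenAPI Generator's own code.
"""
import os
import tempfile
from pathlib import Path


class UnsafeOutputFolder(ValueError):
    """Raised when a requested output folder would escape the base directory."""


def resolve_output_folder(base_dir: str, requested: str) -> Path:
    """Return the absolute output directory for `requested`, or raise.

    Rules:
      * the caller may only name a path *relative* to `base_dir`;
      * after resolving '..', '.' and symlinks, the result must still be
        inside `base_dir` (and not `base_dir` itself, so a cleanup step
        can never delete the whole base).
    """
    base = Path(base_dir).resolve(strict=True)
    if not requested or Path(requested).is_absolute():
        raise UnsafeOutputFolder(f"absolute or empty output folder rejected: {requested!r}")
    # Path.resolve() follows symlinks and collapses '..', so a request such as
    # 'out/../../etc' is judged by where it actually ends up, not by its text.
    target = (base / requested).resolve()
    try:
        rel = target.relative_to(base)
    except ValueError:
        raise UnsafeOutputFolder(f"output folder escapes base: {requested!r}") from None
    if rel == Path("."):
        raise UnsafeOutputFolder("output folder may not be the base directory itself")
    return target


def is_safe_output_folder(base_dir: str, requested: str) -> bool:
    """Boolean convenience wrapper around resolve_output_folder()."""
    try:
        resolve_output_folder(base_dir, requested)
        return True
    except UnsafeOutputFolder:
        return False


def demo() -> dict:
    """Exercise the check against constructed requests in a temporary base dir.

    Returns a mapping request -> True when the check gave the expected verdict.
    """
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "gen-output")
        os.mkdir(base)
        # Constructed samples: the first two are legitimate job folders, the
        # rest are the shapes an escape from the base directory would take.
        samples = {
            "job-1234": True,
            "job-1234/python-client": True,
            "../other": False,
            "job/../../": False,
            "/tmp": False,
            "": False,
            ".": False,
        }
        return {req: is_safe_output_folder(base, req) == expected
                for req, expected in samples.items()}


if __name__ == "__main__":
    for req, ok in demo().items():
        print(f"{req!r:28} {'correct' if ok else 'WRONG'}")
```

The check deliberately resolves the path first and compares afterwards; string-prefix comparisons on the raw request miss `..` segments, trailing separators and symlinked directories. Rejecting the base directory itself matters because a generator that deletes its output folder before regenerating would otherwise wipe every other job's output.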
Report
This vulnerability in OpenAPI Generator is classified as Moderate severity due to its potential to be exploited for unauthorized file system access, allowing attackers to perform read and delete operations on files and folders within any writable directory. The impact is mitigated by the requirement that attackers must have the ability to submit requests to the generator, limiting the exploit's feasibility to environments where access controls are already compromised or insufficiently stringent.
Mitigation
Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria of ease of use and deployment, applicability to a widespread installation base, or stability.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| OpenShift Serverless | openapi-generator-online | Not affected | | |
| Red Hat Fuse 7 | openapi-generator-online | Not affected | | |
| streams for Apache Kafka | openapi-generator-online | Not affected | | |
Additional information
Status:
EPSS
CVSS3: 8.3 High
Related vulnerabilities
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when submitting the request via the `outputFolder` option. The issue was fixed in version 7.6.0 by removing the usage of the `outputFolder` option. No known workarounds are available.
OpenAPI Generator Online - Arbitrary File Read/Delete
Vulnerability in OpenAPI Generator, a tool for automatic generation of API client libraries, caused by improper limitation of a pathname to a restricted directory, allowing an attacker to bypass security restrictions and gain read, modify or delete access to data
EPSS
CVSS3: 8.3 High