PT-2019-12290 · Openai · Openapi Generator

Wing328

·

Publicado

2019-04-21

·

Atualizado

2022-05-24

·

CVE-2019-11405

CVSS v3.1

8.1

Alta

VetorAC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Name of the Vulnerable Software and Affected Versions OpenAPI Generator versions prior to 4.0.0-20190419.052012-560
Description The issue concerns the use of insecure http:// URLs in various build files, potentially leading to insecurely resolved dependencies.
Recommendations For versions prior to 4.0.0-20190419.052012-560, update to version 4.0.0-20190419.052012-560 or later to resolve the issue.

Exploit

Correção

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311

Identificadores relacionados

CVE-2019-11405
GHSA-27J5-2H6R-C9Q2

Produtos afetados

Openapi Generator