Oracle · Jdk · CVE-2021-21363
**Name of the Vulnerable Software and Affected Versions**
swagger-codegen versions prior to 2.4.19
**Description**
On Unix-like systems the system's temporary directory is shared between all users, so a collocated user can observe the creation of a temporary subdirectory and race to complete it first. This is a local privilege escalation issue: an attacker can append to the contents of the `outputFolder` and thereby control code written to that directory when it is executed. The affected code relies on the JDK method `File.createTempFile`, which is subject to this local information disclosure issue.
**Recommendations**
For versions prior to 2.4.19, update to version 2.4.19, which fixes the vulnerability. As a temporary workaround, avoid `File.createTempFile` and instead create temporary directories with the `Files` API, which does not contain the race condition and sets the correct file permissions. Restrict access to the temporary directory to minimize the risk of exploitation.
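The vulnerable create-delete-mkdir pattern beside the `Files` API replacement the recommendation describes, as an added example that is not swagger-codegen's own code; the class name, method names and the owner-only permission post-check are assumptions.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class TempDirExample {

    // Vulnerable pattern (the antipattern the advisory describes): create a temp
    // file, delete it, then recreate the same name as a directory. Between the
    // delete() and mkdir() calls another local user can claim that name, and the
    // resulting directory only gets the process umask, not owner-only permissions.
    static File vulnerableOutputFolder() throws IOException {
        File tmp = File.createTempFile("swagger-codegen-", "-tmp");
        tmp.delete();
        tmp.mkdir(); // return value ignored: a directory created by a racing user is silently reused
        return tmp;
    }

    // Hardened pattern recommended by the advisory: Files.createTempDirectory
    // atomically creates a new, uniquely named directory with rwx------ on
    // POSIX systems, so there is no delete/mkdir window and no group/world access.
    static Path safeOutputFolder() throws IOException {
        Path dir = Files.createTempDirectory("swagger-codegen-");
        // Defensive post-check (assumption: a POSIX file system; this call is
        // unsupported on Windows). Fail closed if the directory is not owner-only.
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(dir);
        if (!perms.equals(PosixFilePermissions.fromString("rwx------"))) {
            throw new IOException("temporary directory " + dir + " is not owner-only: "
                    + PosixFilePermissions.toString(perms));
        }
        return dir;
    }

    public static void main(String[] args) throws IOException {
        Path dir = safeOutputFolder();
        System.out.println("created " + dir + " with permissions "
                + PosixFilePermissions.toString(Files.getPosixFilePermissions(dir)));
    }
}
```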