PT-2019-12290 · Openai · Openapi Generator

Wing328

·

Published

2019-04-21

·

Updated

2022-05-24

·

CVE-2019-11405

CVSS v3.1

8.1

High

VectorAC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Name of the Vulnerable Software and Affected Versions OpenAPI Generator versions prior to 4.0.0-20190419.052012-560
Description The issue concerns the use of insecure http:// URLs in various build files, potentially leading to insecurely resolved dependencies.
Recommendations For versions prior to 4.0.0-20190419.052012-560, update to version 4.0.0-20190419.052012-560 or later to resolve the issue.

Exploit

Fix

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-311

Related Identifiers

CVE-2019-11405
GHSA-27J5-2H6R-C9Q2

Affected Products

Openapi Generator