CVE-2020-15142

Severity CVSS v4.0:
Pending analysis
Type:
CWE-94 Code Injection
Publication date:
14/08/2020
Last modified:
20/08/2020

Description

In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code. Subsequent execution of this malicious client is arbitrary code execution.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:openapi-python-client_project:openapi-python-client:*:*:*:*:*:*:*:* 0.5.3 (excluding)