Low severity3.0NVD Advisory· Published Aug 14, 2020· Updated Jun 17, 2026
CVE-2020-15141
CVE-2020-15141
Description
In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to be placed in arbitrary locations on disk.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
openapi-python-clientPyPI | < 0.5.3 | 0.5.3 |
Affected products
2- Range: < 0.5.3
Patches
Vulnerability mechanics
References
7- github.com/triaxtec/openapi-python-client/commit/3e7dfae5d0b3685abf1ede1bc6c086a116ac4746nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-7wgr-7666-7pwjghsaADVISORY
- github.com/triaxtec/openapi-python-client/blob/main/CHANGELOG.mdnvdRelease NotesThird Party AdvisoryWEB
- github.com/triaxtec/openapi-python-client/security/advisories/GHSA-7wgr-7666-7pwjnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2020-15141ghsaADVISORY
- pypi.org/project/openapi-python-clientnvdProductThird Party AdvisoryWEB
- github.com/pypa/advisory-database/tree/main/vulns/openapi-python-client/PYSEC-2020-70.yamlghsaWEB
News mentions
0No linked articles in our index yet.