Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-epgk-7545-cyay
Vulnerability ID VCID-epgk-7545-cyay
Aliases CVE-2021-21363
GHSA-pc22-3g76-gm6j
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-378 Creation of Temporary File With Insecure Permissions
CWE-379 Creation of Temporary File in Directory with Insecure Permissions
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
System Score Found at
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2021-21363
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2021-21363
cvssv3.1_qr LOW https://github.com/advisories/GHSA-pc22-3g76-gm6j
cvssv3.1 9.3 https://github.com/swagger-api/swagger-codegen/commit/987ea7a30b463cc239580d6ad166c707ae942a89
generic_textual LOW https://github.com/swagger-api/swagger-codegen/commit/987ea7a30b463cc239580d6ad166c707ae942a89
cvssv3.1 9.3 https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j
cvssv3.1_qr LOW https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j
generic_textual LOW https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j
cvssv3.1 9.3 https://nvd.nist.gov/vuln/detail/CVE-2021-21363
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2021-21363
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-21363
https://github.com/swagger-api/swagger-codegen/commit/987ea7a30b463cc239580d6ad166c707ae942a89
https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j
https://nvd.nist.gov/vuln/detail/CVE-2021-21363
GHSA-pc22-3g76-gm6j https://github.com/advisories/GHSA-pc22-3g76-gm6j
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/swagger-api/swagger-codegen/commit/987ea7a30b463cc239580d6ad166c707ae942a89
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-21363
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.13889
EPSS Score 0.00044
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T01:58:33.936498+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0