2 matches found
CVE-2026-59861
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.0, Kiota's Ruby generator embedded OpenAPI default fields, property names, and other schema-derived strings through CodeMethodWriter.cs and SanitizeForQuotedLiteral in Writers/StringExtensions.cs into Ruby double-quoted literals...
CVE-2026-59861
Kiota Ruby generator vulnerability (CVE-2026-59861): Before version 1.32.0, the Ruby code generator embedded OpenAPI-derived strings into Ruby double-quoted literals without escaping interpolation markers (# {expr}, #$var, #@var). This allowed attacker-controlled interpolations to inject arbitrar...