3 matches found
Code Generation Literal Injection
Kiota is vulnerable to code generation literal injection. The vulnerability is due to insufficient context-aware escaping of malicious values from OpenAPI descriptions during source code generation, which allows an attacker to inject arbitrary code into generated client applications by supplying ...
EUVD-2026-25094
Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata,...
GHSA-2HX3-VP6R-MG3F Kiota: Code Generation Literal Injection
CVE Advisory CVE-2026-41134: Code Generation Literal Injection in Kiota Summary Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template...