2 matches found
CVE-2026-59862
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.0, Kiota's Python generator let attacker-controlled enum value descriptions from x-ms-enum.values.description flow through KiotaBuilder.SetEnumOptions into Documentation.DescriptionTemplate and...
CVE-2026-59862
Kiota Python generator vulnerability (CVE-2026-59862): before version 1.32.0, attacker-controlled x-ms-enum.values[].description could flow into KiotaBuilder.SetEnumOptions and PythonConventionService.RemoveInvalidDescriptionCharacters without newline sanitization, enabling generated inline comme...