8 matches found
CVE-2026-41134 Kiota: Code Generation Literal Injection
Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata,...
CVE-2026-25141 Orval has a code injection via unsanitized x-enum-descriptions uing JS comments
Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions starting with 7.19.0 and prior to 7.21.0 and 8.2.0 have an incomplete fix for CVE-2026-23947. While the jsStringEscape function properly handles single quotes ', double quotes " and so...
CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation
Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...
[SECURITY] Fedora 42 Update: openapi-python-client-0.26.2-6.fc42
The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenA...
[SECURITY] Fedora 42 Update: openapi-python-client-0.26.2-4.fc42
The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenA...
[SECURITY] Fedora 41 Update: openapi-python-client-0.24.3-2.fc41
The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenA...
MAL-2025-6466 Malicious code in bmlx-openapi-client (PyPI)
--- -= Per source details. Do not edit below this line.=-...
[SECURITY] Fedora 41 Update: python-openapi-core-0.19.4-4.fc41
Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification...