Lucene search
K

4 matches found

NVD
NVD
added 2026/04/22 9:17 p.m.5 views

CVE-2026-41134

Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata,...

7.8CVSS0.00421EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/14 11:39 p.m.4 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the multiple writer sinks such as serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission. An attacker can execute arbitra...

7.8CVSS6.1AI score0.00421EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/14 11:39 p.m.7 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the multiple writer sinks such as serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission. An attacker can execute arbitra...

7.8CVSS6.1AI score0.00421EPSS
Exploits1References2
OSV
OSV
added 2026/04/14 11:39 p.m.5 views

GHSA-2HX3-VP6R-MG3F Kiota: Code Generation Literal Injection

CVE Advisory CVE-2026-41134: Code Generation Literal Injection in Kiota Summary Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template...

7.3CVSS5.8AI score0.00421EPSS
Exploits1References3
Rows per page
Query Builder