Microsoft.OpenApi.Kiota.Builder is vulnerable to Path Traversal
93
Critical Risk
Kiota emits the clientClassName and clientNamespaceName values from the x-ms-kiota-info OpenAPI extension raw, without identifier or path sanitization, when kiota generate runs without an explicit class name. An attacker-controlled OpenAPI description can set these to a traversal or absolute path so the generated source file is written outside the output directory, and can inject arbitrary text into the generated class or namespace declaration. This yields arbitrary file write and generated-code corruption. The fix sanitizes both names to a restricted character set before using them in output paths and declarations.
You are affected if you are using a version that falls within the vulnerable range and you generate clients from untrusted OpenAPI descriptions without specifying a client class name.
Microsoft.OpenApi.Kiota.Builder is vulnerable to Path Traversal in versions 0.0.1 - 1.32.4.
Upgrade the Microsoft.OpenApi.Kiota.Builder and/or the Microsoft.OpenApi.Kiota library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant