CNNVD-202601-3316 Information

CNNVD ID

CNNVD-202601-3316

Related CVE

CVE-2026-23947

• CNNVD Published: 2026-01-20

Description (Chinese)

Orval是Orval开源的一个接口开发工具。 Orval 7.10.0版本至8.0.2之前版本存在安全漏洞，该漏洞源于x-enumDescriptions字段未经适当转义嵌入，可能导致任意代码执行。

Description (English)

Orval is an interface development tool for the Open Source of Orval. Orval 7.10.0 to 8.2 had a security loophole, which originated from the inappropriate transposition of the x-enumDescriptions field, which could lead to any code execution.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Orval

Published

2026-01-20

Last Modified

2026-02-24

References

https://github.com/orval-labs/orval/security/advisories/GHSA-h526-wf6g-67jv https://github.com/orval-labs/orval/releases/tag/v8.0.2 https://access.redhat.com/security/cve/cve-2026-23947

Patch

https://github.com/orval-labs/orval/releases