LiteDB prior to 5.0.13 allows Deserialization of Untrusted Data via special field in JSON documents
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | CVE-2022-23535 | 24 Feb 202323:15 | – | nvd |
![]() | CVE-2022-23535 | 24 Feb 202323:15 | – | osv |
![]() | LiteDB may deserialize bad JSON on object type using _type | 24 Feb 202316:22 | – | osv |
![]() | CVE-2022-23535 LiteDB contains Deserialization of Untrusted Data | 24 Feb 202322:40 | – | cvelist |
![]() | LiteDB may deserialize bad JSON on object type using _type | 24 Feb 202316:22 | – | github |
![]() | Deserialization of untrusted data | 24 Feb 202323:15 | – | prion |
![]() | Deserialization Of Untrusted Object | 1 Mar 202310:14 | – | veracode |
[
{
"vendor": "mbdavid",
"product": "LiteDB",
"versions": [
{
"version": "< 5.0.13",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo