2 matches found
CVE-2022-23535
LiteDB is a small, fast and lightweight .NET NoSQL embedded database. Versions prior to 5.0.13 are subject to Deserialization of Untrusted Data. LiteDB uses a special field in JSON documents to cast different types from BsonDocument to POCO classes. When instances of an object are not the same of...
CVE-2022-23535
CVE-2022-23535 — LiteDB is affected by a deserialization of untrusted data vulnerability in versions prior to 5.0.13. The issue stems from LiteDB’s BsonMapper deserializing JSON documents that include a special field _type with a full class name and assembly, which can load unsafe objects into th...