2 matches found
Exploit for Incorrect Comparison in Dynamic-Linq Linq
🐞 CVE-2023-32571 - System.Linq.Dynamic.Core Remote Code Execut...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE due to allowing attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed. Remediation Upgrade System.Linq.Dynamic.Core to version 1.3.0 or...