2 matches found
External Control of System or Configuration Setting
Overview Affected versions of this package are vulnerable to External Control of System or Configuration Setting in the staging of live sites. An attacker can exfiltrate sensitive data to an external server by supplying malicious values for the remoteAddress and remotePort parameters. Note: This ...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when using .NET's JsonSerializer.DeserializeAsyncEnumerable function on untrusted input. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...