Headline
GHSA-w65q-jcmv-28gj: Dynamic Linq vulnerable to remote code execution
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.
Dynamic Linq vulnerable to remote code execution
Moderate severity GitHub Reviewed Published Jun 22, 2023 to the GitHub Advisory Database • Updated Jun 27, 2023
Related news
CVE-2023-32571: GitHub - zzzprojects/System.Linq.Dynamic.Core: The .NET Standard / .NET Core version from the System Linq Dynamic functionality.
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.