CVE-2024-51417

描述

An issue in System.Linq.Dynamic.Core versions before v.1.6.0 allow remote access to properties on reflection types and static properties/fields.

受影響套件(1)

• NuGet/System.Linq.Dynamic.Corefrom 0, < 1.6.0

參考連結(6)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-51417
• PATCHhttps://github.com/zzzprojects/System.Linq.Dynamic.Core
• WEBhttps://dynamic-linq.net/expression-language#operators
• WEBhttps://github.com/zzzprojects/System.Linq.Dynamic.Core/commit/49b6cf0909cf3571e0d3580317675408300dbdac
• WEBhttps://github.com/zzzprojects/System.Linq.Dynamic.Core/issues/867
• WEBhttps://zzzprojects.com