CVE-2023-32571
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-32571
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32571.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-32571
- Aliases
- Published
- 2023-06-22T20:15:09Z
- Modified
- 2025-02-19T03:32:10.785919Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.
- References
Affected packages
Git / github.com/zzzprojects/system.linq.dynamic.core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zzzprojects/system.linq.dynamic.core
- Events
-
IntroducedLast affected
Affected versions
1.*
1.0.10.0
1.0.11.0
1.0.12.0
1.0.13.0
1.0.14.0
1.0.15.0
1.0.16.0
1.0.17.0
1.0.18.0
1.0.19.0
1.0.20.0
1.0.21.0
1.0.22.0
1.0.23.0
1.0.24.0
1.0.7.10
1.0.7.12
1.0.7.13
1.0.8.0
1.0.8.1
1.0.8.10
1.0.8.11
1.0.8.12
1.0.8.14
1.0.8.15
1.0.8.16
1.0.8.17
1.0.8.18
1.0.8.2
1.0.8.3
1.0.8.4
1.0.8.5
1.0.8.6
1.0.8.7
1.0.8.8
1.0.8.9
1.0.9.0
1.0.9.1
1.0.9.2
1.1.0.0
v1.*
v1.1.1
v1.1.2
v1.1.3
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.2.0
v1.2.1
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.19
v1.2.2
v1.2.20
v1.2.21
v1.2.22
v1.2.23
v1.2.24
v1.2.25
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9