GHSA-74r6-grj9-8rq6

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-74r6-grj9-8rq6/GHSA-74r6-grj9-8rq6.json
Aliases
  • CVE-2021-23758
Published
2021-12-16T15:27:55Z
Modified
2023-01-31T02:28:51.526805Z
Details

All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.

References

Affected packages

NuGet / AjaxNetProfessional

AjaxNetProfessional

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
21.11.29.1

Affected versions

21.*

21.10.30
21.11.22
21.11.29

Database specific

{
    "last_known_affected_version_range": "<= 21.11.29"
}