CVE-2022-0749
Published
CVSS v3
7.4
HIGH
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.
SinGooCMS.Utility 是一个工具类集合,包括配置、文件、日期、数据、序列化、反射、图像处理、网络、缓存、Web相关、加解密、压缩、类扩展等工具类,几乎囊括了开发中的所有工具需求!支持netstandard2.1和net framework 4.6.1。
GitHub