This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2022-03-17T11:20:11.330553Z

Updated: 2024-09-16T19:00:15.547Z

Reserved: 2022-02-24T00:00:00

Link: CVE-2022-0749

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-17T12:15:07.970

Modified: 2024-11-21T06:39:19.003

Link: CVE-2022-0749

cve-icon Redhat

No data.