PT-2025-18089 · Devexpress · Devexpress
Publicado
2025-04-28
·
Atualizado
2025-06-05
·
CVE-2023-35816
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
DevExpress versions prior to 23.1.3
Description
The issue allows for arbitrary TypeConverter conversion. This could potentially lead to unintended consequences, although specific details about the impact or exploitation of this issue are not provided.
Recommendations
For versions prior to 23.1.3, update to version 23.1.3 or later to resolve the issue.
Correção
RCE
Relative Path Traversal
Incorrect Type Conversion or Cast
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Devexpress