PT-2025-18089 · Devexpress · Devexpress

Published

2025-04-28

Updated

2025-06-05

CVE-2023-35816

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions DevExpress versions prior to 23.1.3

Description The issue allows for arbitrary TypeConverter conversion. This could potentially lead to unintended consequences, although specific details about the impact or exploitation of this issue are not provided.

Recommendations For versions prior to 23.1.3, update to version 23.1.3 or later to resolve the issue.

Fix

RCE

Relative Path Traversal

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-23CWE-704

Related Identifiers

CVE-2023-35816

Affected Products

Devexpress

PT-2025-18089 · Devexpress · Devexpress

CVE-2023-35816

Weakness Enumeration

Related Identifiers

Affected Products

References · 10