CNNVD-202512-1361 Information

CNNVD ID

CNNVD-202512-1361

Related CVE

CVE-2025-66631

• CNNVD Published: 2025-12-09

Description (Chinese)

CSLA .NET是Marimer LLC开源的一个软件开发框架。可帮助用户为应用程序构建可重用、可维护的面向对象的业务层。 CSLA .NET 5.5.4及之前版本存在代码问题漏洞，该漏洞源于反序列化不当，可能导致远程代码执行。

Description (English)

CSLA .NET is a software development framework open to Marimer LLC. Helps users to build reusable, maintainable, object-oriented business layers for applications. CSLA .NET 5.5.4 and previous versions have a code problem loophole, which stems from inappropriate anti-serialization and may lead to remote code implementation.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Marimer LLC

Published

2025-12-09

Last Modified

2026-02-24

References

https://github.com/MarimerLLC/csla/issues/4001 https://github.com/MarimerLLC/csla/pull/4018 https://github.com/MarimerLLC/csla/security/advisories/GHSA-wq34-7f4g-953v

Patch

https://github.com/MarimerLLC/csla/releases