Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Xiao/fixsecuritybugs #1661

Merged
merged 4 commits into from
Jun 29, 2021
Merged

Xiao/fixsecuritybugs #1661

merged 4 commits into from
Jun 29, 2021

Conversation

ciaozhang
Copy link
Contributor

The method 'object BinaryFormatter.Deserialize(Stream serializationStream)' is insecure when deserializing untrusted data without a SerializationBinder to restrict the type of objects in the deserialized object graph.

@ciaozhang ciaozhang merged commit 6f6b935 into dev Jun 29, 2021
@ciaozhang ciaozhang deleted the xiao/fixsecuritybugs branch November 5, 2021 17:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants