NuGet package
quantconnect.common
pkg:nuget/quantconnect.common
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-20136 | — | >= 2.3.0.0, <= 2.4.0.1 | — | Dec 14, 2020 | QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. |
- CVE-2020-20136Dec 14, 2020affected >= 2.3.0.0, <= 2.4.0.1
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library.