← Back to CVE List

CVE-2020-20136

Published: 2020-12-14T19:15Z
Last Modified: 2024-11-21T05:11Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt