Unclaimed project

Are you a maintainer of Nancy? Claim this project to take control of your public changelog and roadmap.

Changelog

Nancy

Lightweight, low-ceremony, framework for building HTTP based services on .Net and Mono

7.1k1.4kC#MIT

c-sharpdotnetdotnet-coreframeworkmitmono+5

Last updated about 5 years ago

Jul 20, 2017

Security Issue in JSON deserialization used by CSRF cookie handling. Removed use of JSON (de)serialization in Csrf.cs, to prevent a possible remote code execution vulnerability. Thanks to Alvaro Muñoz and Alexandr Mirosh from Hewlett-Packard Enterprise Security for pointing out this flaw. Affected versions are all Nancy 1.x releases and all pre-release candidates of 2.x up to and including `...