GHSA-v726-3vg9-cp34

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-v726-3vg9-cp34/GHSA-v726-3vg9-cp34.json
Aliases
  • CVE-2020-27998
Published
2021-08-02T17:28:16Z
Modified
2022-11-22T01:03:04.390375Z
Details

An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.

References

Affected packages

NuGet / FastReport.OpenSource

FastReport.OpenSource

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
2020.4.0

Affected versions

2018.*

2018.4.16
2018.4.7
2018.4.9

2019.*

2019.1.0
2019.1.20
2019.2.0
2019.3.0
2019.3.13
2019.3.19

2020.*

2020.1.20
2020.1.25
2020.1.28
2020.2.0
2020.2.9
2020.3.0
2020.3.1
2020.3.10
2020.3.14
2020.3.17
2020.3.21
2020.3.22
2020.3.4