GHSA-vh38-ghx6-vmvg

Source
https://github.com/advisories/GHSA-vh38-ghx6-vmvg
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vh38-ghx6-vmvg/GHSA-vh38-ghx6-vmvg.json
Aliases
  • CVE-2022-21167
Published
2022-05-03T00:00:46Z
Modified
2024-02-20T05:29:06.189451Z
Details

All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

References

Affected packages

NuGet / Masuit.Tools.Core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Last affected
2.4.8.6

Affected versions

1.*

1.0.0
1.7.7
1.7.9
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.8.8
1.8.9
1.8.9.1
1.9.0
1.9.1
1.9.1.1
1.9.1.2
1.9.1.3
1.9.1.4
1.9.2
1.9.3
1.9.3.1
1.9.3.2
1.9.3.3
1.9.4
1.9.4.1
1.9.5
1.9.5.1
1.9.5.2
1.9.5.3
1.9.5.4
1.9.6
1.9.7
1.9.7.1
1.9.7.2
1.9.7.3
1.9.7.4
1.9.8
1.9.9
1.9.10
1.9.11

2.*

2.0.0
2.0.1
2.1.0
2.1.1
2.1.1.1
2.1.2
2.1.2.1
2.1.3
2.1.3.1
2.1.4
2.1.4.1
2.1.4.2
2.1.4.3
2.1.5
2.1.5.1
2.1.5.2
2.1.6
2.1.6.1
2.2.0
2.2.1
2.2.2
2.2.2.1
2.2.2.2
2.2.3
2.2.3.1
2.2.3.2
2.2.3.3
2.2.3.4
2.2.3.5
2.2.4
2.2.4.1
2.2.4.2
2.2.4.3
2.2.4.4
2.2.4.5
2.2.4.6
2.2.5
2.2.5.1
2.2.6
2.2.6.1
2.2.6.2
2.2.6.3
2.2.6.4
2.2.7
2.2.7.1
2.2.7.2
2.2.7.3
2.2.7.4
2.2.7.5
2.2.7.6
2.2.8
2.2.8.1
2.2.8.2
2.2.8.3
2.2.8.4
2.2.8.5
2.2.8.6
2.2.8.7
2.2.8.8
2.2.8.9
2.2.9
2.2.9.1
2.2.9.2
2.2.9.3
2.2.9.4
2.2.9.5
2.2.9.6
2.3.0
2.3.1
2.3.1.1
2.3.1.3
2.3.1.4
2.3.1.5
2.3.1.6-preview
2.3.1.6
2.3.1.7
2.3.1.8
2.3.1.9
2.3.1.10
2.3.2
2.3.2.1
2.3.2.2
2.3.2.3
2.3.2.4
2.3.2.5
2.3.2.6
2.4.0
2.4.1
2.4.1.1
2.4.1.2
2.4.1.3
2.4.1.4
2.4.1.5
2.4.2
2.4.2.1
2.4.2.2
2.4.2.3
2.4.2.4
2.4.2.5
2.4.2.6
2.4.2.7
2.4.2.8
2.4.2.9
2.4.2.10
2.4.3
2.4.3.1
2.4.3.2
2.4.3.3
2.4.3.4
2.4.3.5
2.4.3.6
2.4.3.7
2.4.3.8
2.4.3.9
2.4.4
2.4.4.1
2.4.4.2
2.4.4.3
2.4.4.4
2.4.4.5
2.4.4.6
2.4.4.7
2.4.4.8
2.4.5.1
2.4.5.2
2.4.5.3
2.4.5.5
2.4.6
2.4.6.1
2.4.6.2
2.4.6.3
2.4.6.4
2.4.6.5
2.4.7
2.4.7.1
2.4.7.2
2.4.7.3
2.4.7.4
2.4.7.5
2.4.7.6
2.4.7.7
2.4.7.8
2.4.7.9
2.4.8
2.4.8.1
2.4.8.2
2.4.8.3
2.4.8.4
2.4.8.5
2.4.8.6