GHSA-vh38-ghx6-vmvg

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vh38-ghx6-vmvg/GHSA-vh38-ghx6-vmvg.json
Aliases
  • CVE-2022-21167
Published
2022-05-03T00:00:46Z
Modified
2023-01-31T02:37:51.647458Z
Details

All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

References

Affected packages

NuGet / Masuit.Tools.Core

Masuit.Tools.Core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Last affected
2.4.8.6

Affected versions

1.*

1.0.0
1.7.7
1.7.9
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.8.8
1.8.9
1.8.9.1
1.9.0
1.9.1
1.9.1.1
1.9.1.2
1.9.1.3
1.9.1.4
1.9.10
1.9.11
1.9.2
1.9.3
1.9.3.1
1.9.3.2
1.9.3.3
1.9.4
1.9.4.1
1.9.5
1.9.5.1
1.9.5.2
1.9.5.3
1.9.5.4
1.9.6
1.9.7
1.9.7.1
1.9.7.2
1.9.7.3
1.9.7.4
1.9.8
1.9.9

2.*

2.0.0
2.0.1
2.1.0
2.1.1
2.1.1.1
2.1.2
2.1.2.1
2.1.3
2.1.3.1
2.1.4
2.1.4.1
2.1.4.2
2.1.4.3
2.1.5
2.1.5.1
2.1.5.2
2.1.6
2.1.6.1
2.2.0
2.2.1
2.2.2
2.2.2.1
2.2.2.2
2.2.3
2.2.3.1
2.2.3.2
2.2.3.3
2.2.3.4
2.2.3.5
2.2.4
2.2.4.1
2.2.4.2
2.2.4.3
2.2.4.4
2.2.4.5
2.2.4.6
2.2.5
2.2.5.1
2.2.6
2.2.6.1
2.2.6.2
2.2.6.3
2.2.6.4
2.2.7
2.2.7.1
2.2.7.2
2.2.7.3
2.2.7.4
2.2.7.5
2.2.7.6
2.2.8
2.2.8.1
2.2.8.2
2.2.8.3
2.2.8.4
2.2.8.5
2.2.8.6
2.2.8.7
2.2.8.8
2.2.8.9
2.2.9
2.2.9.1
2.2.9.2
2.2.9.3
2.2.9.4
2.2.9.5
2.2.9.6
2.3.0
2.3.1
2.3.1.1
2.3.1.10
2.3.1.3
2.3.1.4
2.3.1.5
2.3.1.6
2.3.1.6-preview
2.3.1.7
2.3.1.8
2.3.1.9
2.3.2
2.3.2.1
2.3.2.2
2.3.2.3
2.3.2.4
2.3.2.5
2.3.2.6
2.4.0
2.4.1
2.4.1.1
2.4.1.2
2.4.1.3
2.4.1.4
2.4.1.5
2.4.2
2.4.2.1
2.4.2.10
2.4.2.2
2.4.2.3
2.4.2.4
2.4.2.5
2.4.2.6
2.4.2.7
2.4.2.8
2.4.2.9
2.4.3
2.4.3.1
2.4.3.2
2.4.3.3
2.4.3.4
2.4.3.5
2.4.3.6
2.4.3.7
2.4.3.8
2.4.3.9
2.4.4
2.4.4.1
2.4.4.2
2.4.4.3
2.4.4.4
2.4.4.5
2.4.4.6
2.4.4.7
2.4.4.8
2.4.5.1
2.4.5.2
2.4.5.3
2.4.5.5
2.4.6
2.4.6.1
2.4.6.2
2.4.6.3
2.4.6.4
2.4.6.5
2.4.7
2.4.7.1
2.4.7.2
2.4.7.3
2.4.7.4
2.4.7.5
2.4.7.6
2.4.7.7
2.4.7.8
2.4.7.9
2.4.8
2.4.8.1
2.4.8.2
2.4.8.3
2.4.8.4
2.4.8.5
2.4.8.6