GHSA-hpf7-4c2g-9chf
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hpf7-4c2g-9chf
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-hpf7-4c2g-9chf/GHSA-hpf7-4c2g-9chf.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-hpf7-4c2g-9chf
- Aliases
- Published
- 2021-09-23T23:17:07Z
- Modified
- 2023-11-01T04:55:21.579800Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Remote Code Execution in Halibut
- Details
-
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification.
- Database specific
{ "github_reviewed_at": "2021-09-23T17:18:19Z", "cwe_ids": [ "CWE-502" ], "severity": "CRITICAL", "github_reviewed": true, "nvd_published_at": "2021-09-22T02:15:00Z" }- References
Affected packages
NuGet / Halibut
Package
- Name
- Halibut
- View open source insights on deps.dev
- Purl
- pkg:nuget/Halibut
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.7
Affected versions
1.*
1.0.1.3
1.0.1.4
1.0.1.7
1.0.1.8
1.0.1.9
1.0.1.10
1.0.1.11
1.0.1.12
1.0.1.13
1.0.1.14
1.0.1.15
1.0.1.16
1.0.1.17
1.0.1.18
1.0.2.19
1.0.2.20
1.0.2.21
1.0.2.22
1.0.2.23
1.0.2.24
1.0.2.25
1.0.2.26
1.0.2.27
1.0.2.28
1.0.2.29
1.0.2.30
1.0.2.31
1.0.2.32
1.0.2.33
1.0.2.34
1.0.2.35
1.0.2.36
1.0.2.37
1.0.2.38
1.0.2.39
1.0.2.40
2.*
2.0.1.41
2.0.1.42
2.0.1.43
2.0.1.44
2.0.1.45
2.0.1.46
2.0.1.47
2.0.2.48
2.1.0.49
2.1.0.52
2.2.0.53
2.2.0.54
2.2.0.55
2.2.2
2.2.3
2.3.0
2.4.0
2.4.1
2.4.2-bug-proxyselect-0001
2.4.2
2.4.3
2.4.9
2.4.10
2.4.11
2.4.15
2.4.18
2.5.0
3.*
3.0.4
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.7
4.2.8
4.2.9
4.2.11
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.8
4.3.12
4.3.13
4.3.14
4.3.15
4.3.16
4.3.17
4.3.18
4.3.19
4.3.21
4.3.22
4.3.23
4.3.24
4.3.25
4.3.26
4.3.27
4.3.28
4.3.29
4.3.31
4.3.32
4.3.33
4.3.34
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6