Common Weakness Enumeration

CWE-502

Allowed

Deserialization of Untrusted Data

Abstraction: Base · Status: Draft

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

4795 vulnerabilities reference this CWE, most recent first.

GHSA-FJQC-HQ36-QH5P

Vulnerability from github – Published: 2026-06-25 18:25 – Updated: 2026-06-25 18:25
VLAI
Summary
LangGraph Checkpoint: Unsafe JSON deserialization in checkpoint loading
Details

Summary

LangGraph's JsonPlusSerializer can reconstruct Python objects from JSON checkpoint payloads. Under conditions where someone could modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the application expects, which could in turn result in code execution at checkpoint load time.

This is a defense-in-depth issue. The affected behavior is reachable only when checkpoint bytes at rest in the backing store can be modified by an unauthorized party. In most deployments that prerequisite already implies a serious incident; the additional concern is turning "checkpoint-store write access" into code execution in the application runtime.

There is no evidence of this behavior being triggered in the wild, and the team is not aware of a practical path to it in existing deployments today. This change is intended to reduce the surface available after a checkpoint-store incident.

Affected users / systems

Users may be affected if they:

  • use a persistent checkpointer (database, remote store, shared filesystem, etc.) with the default JsonPlusSerializer,
  • load/resume from checkpoints, and
  • operate in an environment where write access to the checkpoint store could be obtained by an unauthorized party.

The default checkpoint serializer in all shipped checkpointer backends (PostgresSaver, SqliteSaver, and their async counterparts) is JsonPlusSerializer, so applications generally do not need to opt in to be in scope.

Impact

  • Potential arbitrary code execution or other unsafe side effects during checkpoint deserialization.
  • Escalation from "write access to the checkpoint store" to "code execution in the LangGraph worker process," which may expose runtime secrets or provide access to other systems the runtime can reach.

Patches / mitigation

The JSON deserialization path has been narrowed so that revival is restricted to default-constructor reconstruction using the args/kwargs carried in the payload. The framework's own encoder has not relied on the removed behavior for produced checkpoints since the msgpack migration, so this change does not affect freshly written checkpoints. Legacy payloads that already used the default constructor as their first option continue to revive correctly via that same path.

Compatibility

A narrow legacy-resume regression applies to pre-October-2025 checkpoints of pydantic models where the original payload depended on a no-validation fallback factory to recover from incompatible schema evolution. After this change, such payloads return None from the revival path and fall through to the langchain-core reviver, which surfaces the raw dict rather than reconstructing the model.

Operational guidance

  • Treat checkpoint stores as integrity-sensitive. Restrict write access and rotate credentials if unauthorized access is suspected.
  • Avoid providing custom JSON revival hooks that reconstruct arbitrary types unless checkpoint data is fully trusted.

LangSmith / hosted deployments note

The team is not aware of this issue presenting concern for existing LangSmith-hosted deployments. The described conditions require modification of the checkpoint persistence layer used by the deployment; typical hosted configurations are designed to prevent such access.

First reported by: pucagit (CyStack).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "langgraph-checkpoint"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-48775"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502",
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-25T18:25:42Z",
    "nvd_published_at": "2026-06-16T19:16:58Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nLangGraph\u0027s `JsonPlusSerializer` can reconstruct Python objects from JSON checkpoint payloads. Under conditions where someone could modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the application expects, which could in turn result in code execution at checkpoint load time.\n\nThis is a defense-in-depth issue. The affected behavior is reachable only when checkpoint bytes at rest in the backing store can be modified by an unauthorized party. In most deployments that prerequisite already implies a serious incident; the additional concern is turning \"checkpoint-store write access\" into code execution in the application runtime.\n\nThere is no evidence of this behavior being triggered in the wild, and the team is not aware of a practical path to it in existing deployments today. This change is intended to reduce the surface available after a checkpoint-store incident.\n\n## Affected users / systems\n\nUsers may be affected if they:\n\n- use a persistent checkpointer (database, remote store, shared filesystem, etc.) with the default `JsonPlusSerializer`,\n- load/resume from checkpoints, and\n- operate in an environment where write access to the checkpoint store could be obtained by an unauthorized party.\n\nThe default checkpoint serializer in all shipped checkpointer backends (`PostgresSaver`, `SqliteSaver`, and their async counterparts) is `JsonPlusSerializer`, so applications generally do not need to opt in to be in scope.\n\n## Impact\n\n- Potential **arbitrary code execution** or other unsafe side effects during checkpoint deserialization.\n- Escalation from \"write access to the checkpoint store\" to \"code execution in the LangGraph worker process,\" which may expose runtime secrets or provide access to other systems the runtime can reach.\n\n## Patches / mitigation\n\nThe JSON deserialization path has been narrowed so that revival is restricted to default-constructor reconstruction using the args/kwargs carried in the payload. The framework\u0027s own encoder has not relied on the removed behavior for produced checkpoints since the msgpack migration, so this change does not affect freshly written checkpoints. Legacy payloads that already used the default constructor as their first option continue to revive correctly via that same path.\n\n## Compatibility\n\nA narrow legacy-resume regression applies to pre-October-2025 checkpoints of pydantic models where the original payload depended on a no-validation fallback factory to recover from incompatible schema evolution. After this change, such payloads return `None` from the revival path and fall through to the langchain-core reviver, which surfaces the raw dict rather than reconstructing the model.\n\n## Operational guidance\n\n- Treat checkpoint stores as integrity-sensitive. Restrict write access and rotate credentials if unauthorized access is suspected.\n- Avoid providing custom JSON revival hooks that reconstruct arbitrary types unless checkpoint data is fully trusted.\n\n## LangSmith / hosted deployments note\n\nThe team is not aware of this issue presenting concern for existing LangSmith-hosted deployments. The described conditions require modification of the checkpoint persistence layer used by the deployment; typical hosted configurations are designed to prevent such access.\n\nFirst reported by: pucagit (CyStack).",
  "id": "GHSA-fjqc-hq36-qh5p",
  "modified": "2026-06-25T18:25:42Z",
  "published": "2026-06-25T18:25:42Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/langchain-ai/langgraph/security/advisories/GHSA-fjqc-hq36-qh5p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48775"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/langchain-ai/langgraph"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LangGraph Checkpoint: Unsafe JSON deserialization in checkpoint loading"
}

GHSA-FJRG-M24M-JH2G

Vulnerability from github – Published: 2025-07-11 06:30 – Updated: 2025-07-11 06:30
VLAI
Details

The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30023"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-11T06:15:24Z",
    "severity": "CRITICAL"
  },
  "details": "The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.",
  "id": "GHSA-fjrg-m24m-jh2g",
  "modified": "2025-07-11T06:30:30Z",
  "published": "2025-07-11T06:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30023"
    },
    {
      "type": "WEB",
      "url": "https://www.axis.com/dam/public/9b/a5/72/cve-2025-30023pdf-en-US-485733.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FJRG-Q598-J558

Vulnerability from github – Published: 2025-07-27 09:30 – Updated: 2025-07-27 09:30
VLAI
Details

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The patch is named 33d9bb464353015aaaba84e27638ac9a3912795d. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8227"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-27T09:15:27Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The patch is named 33d9bb464353015aaaba84e27638ac9a3912795d. It is recommended to upgrade the affected component.",
  "id": "GHSA-fjrg-q598-j558",
  "modified": "2025-07-27T09:30:26Z",
  "published": "2025-07-27T09:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8227"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/commit/33d9bb464353015aaaba84e27638ac9a3912795d"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP81"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/tree/V3.1.3"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.317815"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.317815"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.622169"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-FM6C-F59H-7MMG

Vulnerability from github – Published: 2025-07-31 14:02 – Updated: 2025-08-01 18:35
VLAI
Summary
MS SWIFT Remote Code Execution via unsafe PyYAML deserialization
Details

Description

A Remote Code Execution (RCE) vulnerability exists in the modelscope/ms-swift project due to unsafe use of yaml.load() in combination with vulnerable versions of the PyYAML library (≤ 5.3.1). The issue resides in the tests/run.py script, where a user-supplied YAML configuration file is deserialized using yaml.load() with yaml.FullLoader.

If an attacker can control or replace the YAML configuration file provided to the --run_config argument, they may inject a malicious payload that results in arbitrary code execution.

Affected Repository

  • Project: modelscope/ms-swift
  • Affect versions: latest
  • File: tests/run.py
  • GitHub Permalink: https://github.com/modelscope/ms-swift/blob/e02ebfdf34f979bbdba9d935acc1689f8d227b38/tests/run.py#L420
  • Dependency: PyYAML <= 5.3.1

Vulnerable Code

if args.run_config is not None and Path(args.run_config).exists():
    with open(args.run_config, encoding='utf-8') as f:
        run_config = yaml.load(f, Loader=yaml.FullLoader)

Proof of Concept (PoC)

Step 1: Create malicious YAML file (exploit.yaml)

!!python/object/new:type
args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
listitems: "__import__('os').system('mkdir HACKED')"

Step 2: Execute with vulnerable PyYAML (<= 5.3.1)

import yaml

with open("exploit.yaml", "r") as f:
    cfg = yaml.load(f, Loader=yaml.FullLoader)

This results in execution of os.system, proving code execution.

Mitigation

  • Replace yaml.load() with yaml.safe_load()
  • Upgrade PyYAML to version 5.4 or later

Example Fix:

# Before
yaml.load(f, Loader=yaml.FullLoader)

# After
yaml.safe_load(f)

Author

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ms-swift"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "3.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-50460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-31T14:02:34Z",
    "nvd_published_at": "2025-08-01T16:15:41Z",
    "severity": "LOW"
  },
  "details": "## Description\n\nA Remote Code Execution (RCE) vulnerability exists in the [modelscope/ms-swift](https://github.com/modelscope/ms-swift) project due to unsafe use of `yaml.load()` in combination with vulnerable versions of the PyYAML library (\u2264 5.3.1). The issue resides in the `tests/run.py` script, where a user-supplied YAML configuration file is deserialized using `yaml.load()` with `yaml.FullLoader`.\n\nIf an attacker can control or replace the YAML configuration file provided to the `--run_config` argument, they may inject a malicious payload that results in arbitrary code execution.\n\n## Affected Repository\n\n- **Project:** [modelscope/ms-swift](https://github.com/modelscope/ms-swift)\n- **Affect versions:** latest\n- **File:** `tests/run.py`\n- **GitHub Permalink:** https://github.com/modelscope/ms-swift/blob/e02ebfdf34f979bbdba9d935acc1689f8d227b38/tests/run.py#L420\n- **Dependency:** PyYAML \u003c= 5.3.1\n\n## Vulnerable Code\n\n```python\nif args.run_config is not None and Path(args.run_config).exists():\n    with open(args.run_config, encoding=\u0027utf-8\u0027) as f:\n        run_config = yaml.load(f, Loader=yaml.FullLoader)\n```\n\n## Proof of Concept (PoC)\n\n### Step 1: Create malicious YAML file (`exploit.yaml`)\n\n```yaml\n!!python/object/new:type\nargs: [\"z\", !!python/tuple [], {\"extend\": !!python/name:exec }]\nlistitems: \"__import__(\u0027os\u0027).system(\u0027mkdir HACKED\u0027)\"\n```\n\n### Step 2: Execute with vulnerable PyYAML (\u003c= 5.3.1)\n\n```python\nimport yaml\n\nwith open(\"exploit.yaml\", \"r\") as f:\n    cfg = yaml.load(f, Loader=yaml.FullLoader)\n```\n\nThis results in execution of `os.system`, proving code execution.\n\n## Mitigation\n\n* Replace `yaml.load()` with `yaml.safe_load()`\n* Upgrade PyYAML to version 5.4 or later\n\n### Example Fix:\n\n```python\n# Before\nyaml.load(f, Loader=yaml.FullLoader)\n\n# After\nyaml.safe_load(f)\n```\n\n\n## Author\n\n* Discovered by: Yu Rong (\u620e\u8a89) and Hao Fan (\u51e1\u6d69)\n* Contact: *\\[[anchor.rongyu020221@gmail.com](mailto:anchor.rongyu020221@gmail.com)]*",
  "id": "GHSA-fm6c-f59h-7mmg",
  "modified": "2025-08-01T18:35:43Z",
  "published": "2025-07-31T14:02:34Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/security/advisories/GHSA-fm6c-f59h-7mmg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50460"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/pull/5174"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/commit/b3418ed9b050dc079553c275c5ed14cfb2b66cf7"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Anchor0221/CVE-2025-50460"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-6757-jp84-gxfx"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/modelscope/ms-swift"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/blob/main/tests/run.py#L420"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "MS SWIFT Remote Code Execution via unsafe PyYAML deserialization"
}

GHSA-FMH4-WR37-44FP

Vulnerability from github – Published: 2025-12-03 19:07 – Updated: 2025-12-11 18:20
VLAI
Summary
React Server Components are Vulnerable to RCE
Details

Summary

@vitejs/plugin-rsc vendors react-server-dom-webpack, which contained an unauthenticated remote code execution vulnerability in versions prior to 19.0.1, 19.1.2, and 19.2.1. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r

Impact

Applications using affected versions of @vitejs/plugin-rsc are vulnerable to unauthenticated remote code execution through deserialization of untrusted data. An attacker can execute arbitrary code remotely without authentication, affecting confidentiality, integrity, and availability.

Recommendations

Upgrade immediately to @vitejs/plugin-rsc@0.5.3 or later.

Workarounds

Applications not using server-side React or React Server Components are unaffected.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.5.2"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@vitejs/plugin-rsc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.5.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-03T19:07:52Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\n`@vitejs/plugin-rsc` vendors `react-server-dom-webpack`, which contained an unauthenticated remote code execution vulnerability in versions prior to 19.0.1, 19.1.2, and 19.2.1. See details in React repository\u0027s advisory https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r\n\n### Impact\n\nApplications using affected versions of `@vitejs/plugin-rsc` are vulnerable to unauthenticated remote code execution through deserialization of untrusted data. An attacker can execute arbitrary code remotely without authentication, affecting confidentiality, integrity, and availability.\n\n### Recommendations\n\nUpgrade immediately to `@vitejs/plugin-rsc@0.5.3` or later.\n\n### Workarounds\n\nApplications not using server-side React or React Server Components are unaffected.",
  "id": "GHSA-fmh4-wr37-44fp",
  "modified": "2025-12-11T18:20:18Z",
  "published": "2025-12-03T19:07:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-fmh4-wr37-44fp"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vitejs/vite-plugin-react"
    },
    {
      "type": "WEB",
      "url": "https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "React Server Components are Vulnerable to RCE"
}

GHSA-FMH5-RJFP-6QVQ

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30
VLAI
Details

Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-42928"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T16:17:53Z",
    "severity": "CRITICAL"
  },
  "details": "Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.",
  "id": "GHSA-fmh5-rjfp-6qvq",
  "modified": "2025-12-09T18:30:37Z",
  "published": "2025-12-09T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-42928"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3685286"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FMMC-742Q-JG75

Vulnerability from github – Published: 2019-11-13 00:32 – Updated: 2023-09-14 14:55
VLAI
Summary
jackson-databind polymorphic typing issue
Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.fasterxml.jackson.core:jackson-databind"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.fasterxml.jackson.core:jackson-databind"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.8.11.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.fasterxml.jackson.core:jackson-databind"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-16943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-11-13T00:30:39Z",
    "nvd_published_at": "2019-10-01T17:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
  "id": "GHSA-fmmc-742q-jg75",
  "modified": "2023-09-14T14:55:20Z",
  "published": "2019-11-13T00:32:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/issues/2478"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Oct/6"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191017-0006"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4542"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FasterXML/jackson-databind"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0445"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0164"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0161"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0160"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0159"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "jackson-databind polymorphic typing issue"
}

GHSA-FMMM-5P9F-XM6R

Vulnerability from github – Published: 2022-07-20 00:00 – Updated: 2022-07-28 00:00
VLAI
Details

A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27579"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-19T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.",
  "id": "GHSA-fmmm-5p9f-xm6r",
  "modified": "2022-07-28T00:00:39Z",
  "published": "2022-07-20T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27579"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FMPR-X9V2-R3JJ

Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2024-04-04 02:49
VLAI
Details

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-6967"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-03-23T21:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.",
  "id": "GHSA-fmpr-x9v2-r3jj",
  "modified": "2024-04-04T02:49:32Z",
  "published": "2022-05-24T17:12:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6967"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-20-051-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FMQQ-HW9M-448Q

Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2024-04-25 21:54
VLAI
Summary
Subrion CMS PHP Object Injection
Details

admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "intelliants/subrion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-12469"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-25T21:54:38Z",
    "nvd_published_at": "2020-04-29T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.",
  "id": "GHSA-fmqq-hw9m-448q",
  "modified": "2024-04-25T21:54:38Z",
  "published": "2022-05-24T17:16:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12469"
    },
    {
      "type": "WEB",
      "url": "https://belong2yourself.github.io/vulnerabilities/docs/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection/readme"
    },
    {
      "type": "WEB",
      "url": "https://github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/intelliants/subrion"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Subrion CMS PHP Object Injection"
}

Mitigation
Architecture and Design Implementation

If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.

Mitigation
Implementation

When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.

Mitigation
Implementation

Explicitly define a final object() to prevent deserialization.

Mitigation
Architecture and Design Implementation
  • Make fields transient to protect them from deserialization.
  • An attempt to serialize and then deserialize a class containing transient fields will result in NULLs where the transient data should be. This is an excellent way to prevent time, environment-based, or sensitive variables from being carried over and used improperly.
Mitigation
Implementation

Avoid having unnecessary types or gadgets (a sequence of instances and method invocations that can self-execute during the deserialization process, often found in libraries) available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.

Mitigation
Architecture and Design Implementation

Employ cryptography of the data or code for protection. However, it's important to note that it would still be client-side security. This is risky because if the client is compromised then the security implemented on the client (the cryptography) can be bypassed.

Mitigation MIT-29
Operation

Strategy: Firewall

Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].

CAPEC-586: Object Injection

An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.