CWE-502
AllowedDeserialization of Untrusted Data
Abstraction: Base · Status: Draft
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
4795 vulnerabilities reference this CWE, most recent first.
GHSA-FJQC-HQ36-QH5P
Vulnerability from github – Published: 2026-06-25 18:25 – Updated: 2026-06-25 18:25Summary
LangGraph's JsonPlusSerializer can reconstruct Python objects from JSON checkpoint payloads. Under conditions where someone could modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the application expects, which could in turn result in code execution at checkpoint load time.
This is a defense-in-depth issue. The affected behavior is reachable only when checkpoint bytes at rest in the backing store can be modified by an unauthorized party. In most deployments that prerequisite already implies a serious incident; the additional concern is turning "checkpoint-store write access" into code execution in the application runtime.
There is no evidence of this behavior being triggered in the wild, and the team is not aware of a practical path to it in existing deployments today. This change is intended to reduce the surface available after a checkpoint-store incident.
Affected users / systems
Users may be affected if they:
- use a persistent checkpointer (database, remote store, shared filesystem, etc.) with the default
JsonPlusSerializer, - load/resume from checkpoints, and
- operate in an environment where write access to the checkpoint store could be obtained by an unauthorized party.
The default checkpoint serializer in all shipped checkpointer backends (PostgresSaver, SqliteSaver, and their async counterparts) is JsonPlusSerializer, so applications generally do not need to opt in to be in scope.
Impact
- Potential arbitrary code execution or other unsafe side effects during checkpoint deserialization.
- Escalation from "write access to the checkpoint store" to "code execution in the LangGraph worker process," which may expose runtime secrets or provide access to other systems the runtime can reach.
Patches / mitigation
The JSON deserialization path has been narrowed so that revival is restricted to default-constructor reconstruction using the args/kwargs carried in the payload. The framework's own encoder has not relied on the removed behavior for produced checkpoints since the msgpack migration, so this change does not affect freshly written checkpoints. Legacy payloads that already used the default constructor as their first option continue to revive correctly via that same path.
Compatibility
A narrow legacy-resume regression applies to pre-October-2025 checkpoints of pydantic models where the original payload depended on a no-validation fallback factory to recover from incompatible schema evolution. After this change, such payloads return None from the revival path and fall through to the langchain-core reviver, which surfaces the raw dict rather than reconstructing the model.
Operational guidance
- Treat checkpoint stores as integrity-sensitive. Restrict write access and rotate credentials if unauthorized access is suspected.
- Avoid providing custom JSON revival hooks that reconstruct arbitrary types unless checkpoint data is fully trusted.
LangSmith / hosted deployments note
The team is not aware of this issue presenting concern for existing LangSmith-hosted deployments. The described conditions require modification of the checkpoint persistence layer used by the deployment; typical hosted configurations are designed to prevent such access.
First reported by: pucagit (CyStack).
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "langgraph-checkpoint"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48775"
],
"database_specific": {
"cwe_ids": [
"CWE-502",
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-25T18:25:42Z",
"nvd_published_at": "2026-06-16T19:16:58Z",
"severity": "MODERATE"
},
"details": "## Summary\n\nLangGraph\u0027s `JsonPlusSerializer` can reconstruct Python objects from JSON checkpoint payloads. Under conditions where someone could modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the application expects, which could in turn result in code execution at checkpoint load time.\n\nThis is a defense-in-depth issue. The affected behavior is reachable only when checkpoint bytes at rest in the backing store can be modified by an unauthorized party. In most deployments that prerequisite already implies a serious incident; the additional concern is turning \"checkpoint-store write access\" into code execution in the application runtime.\n\nThere is no evidence of this behavior being triggered in the wild, and the team is not aware of a practical path to it in existing deployments today. This change is intended to reduce the surface available after a checkpoint-store incident.\n\n## Affected users / systems\n\nUsers may be affected if they:\n\n- use a persistent checkpointer (database, remote store, shared filesystem, etc.) with the default `JsonPlusSerializer`,\n- load/resume from checkpoints, and\n- operate in an environment where write access to the checkpoint store could be obtained by an unauthorized party.\n\nThe default checkpoint serializer in all shipped checkpointer backends (`PostgresSaver`, `SqliteSaver`, and their async counterparts) is `JsonPlusSerializer`, so applications generally do not need to opt in to be in scope.\n\n## Impact\n\n- Potential **arbitrary code execution** or other unsafe side effects during checkpoint deserialization.\n- Escalation from \"write access to the checkpoint store\" to \"code execution in the LangGraph worker process,\" which may expose runtime secrets or provide access to other systems the runtime can reach.\n\n## Patches / mitigation\n\nThe JSON deserialization path has been narrowed so that revival is restricted to default-constructor reconstruction using the args/kwargs carried in the payload. The framework\u0027s own encoder has not relied on the removed behavior for produced checkpoints since the msgpack migration, so this change does not affect freshly written checkpoints. Legacy payloads that already used the default constructor as their first option continue to revive correctly via that same path.\n\n## Compatibility\n\nA narrow legacy-resume regression applies to pre-October-2025 checkpoints of pydantic models where the original payload depended on a no-validation fallback factory to recover from incompatible schema evolution. After this change, such payloads return `None` from the revival path and fall through to the langchain-core reviver, which surfaces the raw dict rather than reconstructing the model.\n\n## Operational guidance\n\n- Treat checkpoint stores as integrity-sensitive. Restrict write access and rotate credentials if unauthorized access is suspected.\n- Avoid providing custom JSON revival hooks that reconstruct arbitrary types unless checkpoint data is fully trusted.\n\n## LangSmith / hosted deployments note\n\nThe team is not aware of this issue presenting concern for existing LangSmith-hosted deployments. The described conditions require modification of the checkpoint persistence layer used by the deployment; typical hosted configurations are designed to prevent such access.\n\nFirst reported by: pucagit (CyStack).",
"id": "GHSA-fjqc-hq36-qh5p",
"modified": "2026-06-25T18:25:42Z",
"published": "2026-06-25T18:25:42Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/langchain-ai/langgraph/security/advisories/GHSA-fjqc-hq36-qh5p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48775"
},
{
"type": "PACKAGE",
"url": "https://github.com/langchain-ai/langgraph"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "LangGraph Checkpoint: Unsafe JSON deserialization in checkpoint loading"
}
GHSA-FJRG-M24M-JH2G
Vulnerability from github – Published: 2025-07-11 06:30 – Updated: 2025-07-11 06:30The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
{
"affected": [],
"aliases": [
"CVE-2025-30023"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-11T06:15:24Z",
"severity": "CRITICAL"
},
"details": "The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.",
"id": "GHSA-fjrg-m24m-jh2g",
"modified": "2025-07-11T06:30:30Z",
"published": "2025-07-11T06:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30023"
},
{
"type": "WEB",
"url": "https://www.axis.com/dam/public/9b/a5/72/cve-2025-30023pdf-en-US-485733.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FJRG-Q598-J558
Vulnerability from github – Published: 2025-07-27 09:30 – Updated: 2025-07-27 09:30A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The patch is named 33d9bb464353015aaaba84e27638ac9a3912795d. It is recommended to upgrade the affected component.
{
"affected": [],
"aliases": [
"CVE-2025-8227"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-27T09:15:27Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The patch is named 33d9bb464353015aaaba84e27638ac9a3912795d. It is recommended to upgrade the affected component.",
"id": "GHSA-fjrg-q598-j558",
"modified": "2025-07-27T09:30:26Z",
"published": "2025-07-27T09:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8227"
},
{
"type": "WEB",
"url": "https://gitee.com/yanyutao0402/ChanCMS/commit/33d9bb464353015aaaba84e27638ac9a3912795d"
},
{
"type": "WEB",
"url": "https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP81"
},
{
"type": "WEB",
"url": "https://gitee.com/yanyutao0402/ChanCMS/tree/V3.1.3"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.317815"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.317815"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.622169"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-FM6C-F59H-7MMG
Vulnerability from github – Published: 2025-07-31 14:02 – Updated: 2025-08-01 18:35Description
A Remote Code Execution (RCE) vulnerability exists in the modelscope/ms-swift project due to unsafe use of yaml.load() in combination with vulnerable versions of the PyYAML library (≤ 5.3.1). The issue resides in the tests/run.py script, where a user-supplied YAML configuration file is deserialized using yaml.load() with yaml.FullLoader.
If an attacker can control or replace the YAML configuration file provided to the --run_config argument, they may inject a malicious payload that results in arbitrary code execution.
Affected Repository
- Project: modelscope/ms-swift
- Affect versions: latest
- File:
tests/run.py - GitHub Permalink: https://github.com/modelscope/ms-swift/blob/e02ebfdf34f979bbdba9d935acc1689f8d227b38/tests/run.py#L420
- Dependency: PyYAML <= 5.3.1
Vulnerable Code
if args.run_config is not None and Path(args.run_config).exists():
with open(args.run_config, encoding='utf-8') as f:
run_config = yaml.load(f, Loader=yaml.FullLoader)
Proof of Concept (PoC)
Step 1: Create malicious YAML file (exploit.yaml)
!!python/object/new:type
args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
listitems: "__import__('os').system('mkdir HACKED')"
Step 2: Execute with vulnerable PyYAML (<= 5.3.1)
import yaml
with open("exploit.yaml", "r") as f:
cfg = yaml.load(f, Loader=yaml.FullLoader)
This results in execution of os.system, proving code execution.
Mitigation
- Replace
yaml.load()withyaml.safe_load() - Upgrade PyYAML to version 5.4 or later
Example Fix:
# Before
yaml.load(f, Loader=yaml.FullLoader)
# After
yaml.safe_load(f)
Author
- Discovered by: Yu Rong (戎誉) and Hao Fan (凡浩)
- Contact: [anchor.rongyu020221@gmail.com]
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ms-swift"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-50460"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-31T14:02:34Z",
"nvd_published_at": "2025-08-01T16:15:41Z",
"severity": "LOW"
},
"details": "## Description\n\nA Remote Code Execution (RCE) vulnerability exists in the [modelscope/ms-swift](https://github.com/modelscope/ms-swift) project due to unsafe use of `yaml.load()` in combination with vulnerable versions of the PyYAML library (\u2264 5.3.1). The issue resides in the `tests/run.py` script, where a user-supplied YAML configuration file is deserialized using `yaml.load()` with `yaml.FullLoader`.\n\nIf an attacker can control or replace the YAML configuration file provided to the `--run_config` argument, they may inject a malicious payload that results in arbitrary code execution.\n\n## Affected Repository\n\n- **Project:** [modelscope/ms-swift](https://github.com/modelscope/ms-swift)\n- **Affect versions:** latest\n- **File:** `tests/run.py`\n- **GitHub Permalink:** https://github.com/modelscope/ms-swift/blob/e02ebfdf34f979bbdba9d935acc1689f8d227b38/tests/run.py#L420\n- **Dependency:** PyYAML \u003c= 5.3.1\n\n## Vulnerable Code\n\n```python\nif args.run_config is not None and Path(args.run_config).exists():\n with open(args.run_config, encoding=\u0027utf-8\u0027) as f:\n run_config = yaml.load(f, Loader=yaml.FullLoader)\n```\n\n## Proof of Concept (PoC)\n\n### Step 1: Create malicious YAML file (`exploit.yaml`)\n\n```yaml\n!!python/object/new:type\nargs: [\"z\", !!python/tuple [], {\"extend\": !!python/name:exec }]\nlistitems: \"__import__(\u0027os\u0027).system(\u0027mkdir HACKED\u0027)\"\n```\n\n### Step 2: Execute with vulnerable PyYAML (\u003c= 5.3.1)\n\n```python\nimport yaml\n\nwith open(\"exploit.yaml\", \"r\") as f:\n cfg = yaml.load(f, Loader=yaml.FullLoader)\n```\n\nThis results in execution of `os.system`, proving code execution.\n\n## Mitigation\n\n* Replace `yaml.load()` with `yaml.safe_load()`\n* Upgrade PyYAML to version 5.4 or later\n\n### Example Fix:\n\n```python\n# Before\nyaml.load(f, Loader=yaml.FullLoader)\n\n# After\nyaml.safe_load(f)\n```\n\n\n## Author\n\n* Discovered by: Yu Rong (\u620e\u8a89) and Hao Fan (\u51e1\u6d69)\n* Contact: *\\[[anchor.rongyu020221@gmail.com](mailto:anchor.rongyu020221@gmail.com)]*",
"id": "GHSA-fm6c-f59h-7mmg",
"modified": "2025-08-01T18:35:43Z",
"published": "2025-07-31T14:02:34Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/modelscope/ms-swift/security/advisories/GHSA-fm6c-f59h-7mmg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50460"
},
{
"type": "WEB",
"url": "https://github.com/modelscope/ms-swift/pull/5174"
},
{
"type": "WEB",
"url": "https://github.com/modelscope/ms-swift/commit/b3418ed9b050dc079553c275c5ed14cfb2b66cf7"
},
{
"type": "WEB",
"url": "https://github.com/Anchor0221/CVE-2025-50460"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-6757-jp84-gxfx"
},
{
"type": "PACKAGE",
"url": "https://github.com/modelscope/ms-swift"
},
{
"type": "WEB",
"url": "https://github.com/modelscope/ms-swift/blob/main/tests/run.py#L420"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "MS SWIFT Remote Code Execution via unsafe PyYAML deserialization"
}
GHSA-FMH4-WR37-44FP
Vulnerability from github – Published: 2025-12-03 19:07 – Updated: 2025-12-11 18:20Summary
@vitejs/plugin-rsc vendors react-server-dom-webpack, which contained an unauthenticated remote code execution vulnerability in versions prior to 19.0.1, 19.1.2, and 19.2.1. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r
Impact
Applications using affected versions of @vitejs/plugin-rsc are vulnerable to unauthenticated remote code execution through deserialization of untrusted data. An attacker can execute arbitrary code remotely without authentication, affecting confidentiality, integrity, and availability.
Recommendations
Upgrade immediately to @vitejs/plugin-rsc@0.5.3 or later.
Workarounds
Applications not using server-side React or React Server Components are unaffected.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.2"
},
"package": {
"ecosystem": "npm",
"name": "@vitejs/plugin-rsc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-03T19:07:52Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "### Summary\n\n`@vitejs/plugin-rsc` vendors `react-server-dom-webpack`, which contained an unauthenticated remote code execution vulnerability in versions prior to 19.0.1, 19.1.2, and 19.2.1. See details in React repository\u0027s advisory https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r\n\n### Impact\n\nApplications using affected versions of `@vitejs/plugin-rsc` are vulnerable to unauthenticated remote code execution through deserialization of untrusted data. An attacker can execute arbitrary code remotely without authentication, affecting confidentiality, integrity, and availability.\n\n### Recommendations\n\nUpgrade immediately to `@vitejs/plugin-rsc@0.5.3` or later.\n\n### Workarounds\n\nApplications not using server-side React or React Server Components are unaffected.",
"id": "GHSA-fmh4-wr37-44fp",
"modified": "2025-12-11T18:20:18Z",
"published": "2025-12-03T19:07:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r"
},
{
"type": "WEB",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp"
},
{
"type": "WEB",
"url": "https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-fmh4-wr37-44fp"
},
{
"type": "PACKAGE",
"url": "https://github.com/vitejs/vite-plugin-react"
},
{
"type": "WEB",
"url": "https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "React Server Components are Vulnerable to RCE"
}
GHSA-FMH5-RJFP-6QVQ
Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.
{
"affected": [],
"aliases": [
"CVE-2025-42928"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-09T16:17:53Z",
"severity": "CRITICAL"
},
"details": "Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.",
"id": "GHSA-fmh5-rjfp-6qvq",
"modified": "2025-12-09T18:30:37Z",
"published": "2025-12-09T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-42928"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3685286"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMMC-742Q-JG75
Vulnerability from github – Published: 2019-11-13 00:32 – Updated: 2023-09-14 14:55A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.9.0"
},
{
"fixed": "2.9.10.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.8.11.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.7.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-16943"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2019-11-13T00:30:39Z",
"nvd_published_at": "2019-10-01T17:15:00Z",
"severity": "CRITICAL"
},
"details": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
"id": "GHSA-fmmc-742q-jg75",
"modified": "2023-09-14T14:55:20Z",
"published": "2019-11-13T00:32:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/issues/2478"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT"
},
{
"type": "WEB",
"url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Oct/6"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20191017-0006"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4542"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"type": "PACKAGE",
"url": "https://github.com/FasterXML/jackson-databind"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0445"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "jackson-databind polymorphic typing issue"
}
GHSA-FMMM-5P9F-XM6R
Vulnerability from github – Published: 2022-07-20 00:00 – Updated: 2022-07-28 00:00A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.
{
"affected": [],
"aliases": [
"CVE-2022-27579"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-19T16:15:00Z",
"severity": "HIGH"
},
"details": "A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.",
"id": "GHSA-fmmm-5p9f-xm6r",
"modified": "2022-07-28T00:00:39Z",
"published": "2022-07-20T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27579"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMPR-X9V2-R3JJ
Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2024-04-04 02:49In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.
{
"affected": [],
"aliases": [
"CVE-2020-6967"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-23T21:15:00Z",
"severity": "CRITICAL"
},
"details": "In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.",
"id": "GHSA-fmpr-x9v2-r3jj",
"modified": "2024-04-04T02:49:32Z",
"published": "2022-05-24T17:12:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6967"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-051-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMQQ-HW9M-448Q
Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2024-04-25 21:54admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "intelliants/subrion"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-12469"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-25T21:54:38Z",
"nvd_published_at": "2020-04-29T21:15:00Z",
"severity": "MODERATE"
},
"details": "admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.",
"id": "GHSA-fmqq-hw9m-448q",
"modified": "2024-04-25T21:54:38Z",
"published": "2022-05-24T17:16:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12469"
},
{
"type": "WEB",
"url": "https://belong2yourself.github.io/vulnerabilities/docs/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection/readme"
},
{
"type": "WEB",
"url": "https://github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection"
},
{
"type": "PACKAGE",
"url": "https://github.com/intelliants/subrion"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Subrion CMS PHP Object Injection"
}
Mitigation
If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.
Mitigation
When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.
Mitigation
Explicitly define a final object() to prevent deserialization.
Mitigation
- Make fields transient to protect them from deserialization.
- An attempt to serialize and then deserialize a class containing transient fields will result in NULLs where the transient data should be. This is an excellent way to prevent time, environment-based, or sensitive variables from being carried over and used improperly.
Mitigation
Avoid having unnecessary types or gadgets (a sequence of instances and method invocations that can self-execute during the deserialization process, often found in libraries) available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.
Mitigation
Employ cryptography of the data or code for protection. However, it's important to note that it would still be client-side security. This is risky because if the client is compromised then the security implemented on the client (the cryptography) can be bypassed.
Mitigation MIT-29
Strategy: Firewall
Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-586: Object Injection
An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.