github - ghsa-538v-3wq9-4h3r

ghsa-538v-3wq9-4h3r

Vulnerability from github

Published

2025-10-01 12:30

Modified

2025-10-01 19:38

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Apache Pyfory python is vulnerable to deserialization of untrusted data

Details

Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of pickle.loads, which is vulnerable to remote code execution.

Users are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyfory"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.12.0"
            },
            {
              "fixed": "0.12.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyfury"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1.0"
            },
            {
              "last_affected": "0.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-61622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-01T19:38:16Z",
    "nvd_published_at": "2025-10-01T10:15:34Z",
    "severity": "CRITICAL"
  },
  "details": "Deserialization of untrusted data in\u00a0python in pyfory\u00a0versions 0.12.0 through 0.12.2, or the\u00a0legacy\u00a0pyfury versions from\u00a00.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources.\u00a0An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is\u00a0vulnerable to\u00a0remote code execution.\n\nUsers are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.",
  "id": "GHSA-538v-3wq9-4h3r",
  "modified": "2025-10-01T19:38:16Z",
  "published": "2025-10-01T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61622"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/pull/2629"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/commit/379b948ecae5c3b849e5bdb3997978c9a163e40b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/fory"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/releases/tag/v0.12.3"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/vfn9hp9qt06db5yo1gmj3l114o3o2csd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Pyfory python is vulnerable to deserialization of untrusted data"
}

CVE-2025-61622 (GCVE-0-2025-61622)

Vulnerability from cvelistv5

Published

2025-10-01 09:55

Modified

2025-10-01 13:08

Severity ?

CWE

CWE-502 - Deserialization of Untrusted Data

Summary

Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is vulnerable to remote code execution. Users are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.

References

▼	URL	Tags
	https://lists.apache.org/thread/vfn9hp9qt06db5yo1gmj3l114o3o2csd	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Fory

Version: 0.12.0 ≤ 0.12.2

Apache Software Foundation

Apache Fory

Version: 0.1.0 ≤ 0.10.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-61622",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T13:07:55.196758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T13:08:39.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pypi.python.org",
          "defaultStatus": "unaffected",
          "packageName": "pyfory",
          "product": "Apache Fory",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "0.12.2",
              "status": "affected",
              "version": "0.12.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pypi.python.org",
          "defaultStatus": "unaffected",
          "packageName": "pyfury",
          "product": "Apache Fory",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "0.10.3",
              "status": "affected",
              "version": "0.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Mapta / BugBunny_ai"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDeserialization of untrusted data in\u0026nbsp;python in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003epyfory\u0026nbsp;\u003c/span\u003eversions 0.12.0 through 0.12.2, or the\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elegacy\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003epyfury versions from\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;0.1.0 through 0.10.3:\u003c/span\u003e allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is\u0026nbsp;vulnerable to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eremote code execution.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Deserialization of untrusted data in\u00a0python in pyfory\u00a0versions 0.12.0 through 0.12.2, or the\u00a0legacy\u00a0pyfury versions from\u00a00.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources.\u00a0An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is\u00a0vulnerable to\u00a0remote code execution.\n\nUsers are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "critical"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T09:55:05.557Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/vfn9hp9qt06db5yo1gmj3l114o3o2csd"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-61622",
    "datePublished": "2025-10-01T09:55:05.557Z",
    "dateReserved": "2025-09-29T06:47:23.146Z",
    "dateUpdated": "2025-10-01T13:08:39.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted