CVE-2022-1471

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
References
Link Resource
http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2023/11/19/1
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 Issue Tracking Third Party Advisory
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 Exploit Third Party Advisory
https://github.com/mbechler/marshalsec Exploit Third Party Advisory
https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
https://security.netapp.com/advisory/ntap-20230818-0015/
https://security.netapp.com/advisory/ntap-20240621-0006/
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true Exploit Third Party Advisory
http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2023/11/19/1
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 Issue Tracking Third Party Advisory
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 Exploit Third Party Advisory
https://github.com/mbechler/marshalsec Exploit Third Party Advisory
https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
https://security.netapp.com/advisory/ntap-20230818-0015/
https://security.netapp.com/advisory/ntap-20240621-0006/
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:40

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html - () http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html -
References () http://www.openwall.com/lists/oss-security/2023/11/19/1 - () http://www.openwall.com/lists/oss-security/2023/11/19/1 -
References () https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 - Issue Tracking, Third Party Advisory () https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 - Issue Tracking, Third Party Advisory
References () https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 - Exploit, Third Party Advisory () https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 - Exploit, Third Party Advisory
References () https://github.com/mbechler/marshalsec - Exploit, Third Party Advisory () https://github.com/mbechler/marshalsec - Exploit, Third Party Advisory
References () https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc - () https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc -
References () https://security.netapp.com/advisory/ntap-20230818-0015/ - () https://security.netapp.com/advisory/ntap-20230818-0015/ -
References () https://security.netapp.com/advisory/ntap-20240621-0006/ - () https://security.netapp.com/advisory/ntap-20240621-0006/ -
References () https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true - Exploit, Third Party Advisory () https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true - Exploit, Third Party Advisory
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 8.3

21 Jun 2024, 19:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240621-0006/ -

19 Nov 2023, 15:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2023/11/19/1 -

13 Oct 2023, 16:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html -

18 Aug 2023, 14:15

Type Values Removed Values Added
References
  • (MISC) https://security.netapp.com/advisory/ntap-20230818-0015/ -

Information

Published : 2022-12-01 11:15

Updated : 2024-11-21 06:40


NVD link : CVE-2022-1471

Mitre link : CVE-2022-1471

CVE.ORG link : CVE-2022-1471


JSON object : View

Products Affected

snakeyaml_project

  • snakeyaml
CWE
CWE-20

Improper Input Validation

CWE-502

Deserialization of Untrusted Data