FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
aae8fecf-888e-11ea-9714-08002718de91	py-yaml -- FullLoader (still) exploitable for arbitrary command execution Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting the state of a deserialized instance through the set_python_instance_state method. After setting the state, some operations are performed on the instance to complete its initialization, however it is possible for an attacker to set the instance' state in such a way that arbitrary code is executed by the FullLoader. This patch tries to block such attacks in FullLoader by preventing set_python_instance_state from setting arbitrar properties. It implements a blacklist that includes extend method (called by construct_python_object_apply) and all special methods (e.g. __set__, __setitem__, etc.). Users who need special attributes being set in the state of a deserialized object can still do it through the UnsafeLoader, which however should not be used on untrusted input. Additionally, they can subclass FullLoader and redefine state_blacklist_regexp to include the additional attributes they need, passing the subclassed loader to yaml.load. Discovery 2020-03-02 Entry 2020-04-27 Modified 2020-04-29 py27-yaml py35-yaml py36-yaml py37-yaml py38-yaml < 5.3.1 https://bugzilla.redhat.com/show_bug.cgi?id=1807367 https://github.com/yaml/pyyaml/pull/386 CVE-2020-1747 ports/245937
f6ea18bb-65b9-11e9-8b31-002590045d9c	py-yaml -- arbitrary code execution pyyaml reports: the PyYAML.load function could be easily exploited to call any Python function. That means it could call any system command using os.system() Discovery 2018-06-27 Entry 2019-04-23 py27-yaml py35-yaml py36-yaml py37-yaml < 4.1 CVE-2017-18342 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342 https://github.com/yaml/pyyaml/pull/74

VuXML ID

Description

aae8fecf-888e-11ea-9714-08002718de91

py-yaml -- FullLoader (still) exploitable for arbitrary command execution

Riccardo Schirone (https://github.com/ret2libc) reports:

In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting the state of a deserialized instance through the set_python_instance_state method. After setting the state, some operations are performed on the instance to complete its initialization, however it is possible for an attacker to set the instance' state in such a way that arbitrary code is executed by the FullLoader.

This patch tries to block such attacks in FullLoader by preventing set_python_instance_state from setting arbitrar properties. It implements a blacklist that includes extend method (called by construct_python_object_apply) and all special methods (e.g. __set__, __setitem__, etc.).

Users who need special attributes being set in the state of a deserialized object can still do it through the UnsafeLoader, which however should not be used on untrusted input. Additionally, they can subclass FullLoader and redefine state_blacklist_regexp to include the additional attributes they need, passing the subclassed loader to yaml.load.

Discovery 2020-03-02
Entry 2020-04-27
Modified 2020-04-29
py27-yaml
py35-yaml
py36-yaml
py37-yaml
py38-yaml

< 5.3.1

https://bugzilla.redhat.com/show_bug.cgi?id=1807367
https://github.com/yaml/pyyaml/pull/386
CVE-2020-1747
ports/245937

f6ea18bb-65b9-11e9-8b31-002590045d9c

py-yaml -- arbitrary code execution

pyyaml reports:

the PyYAML.load function could be easily exploited to call any Python function. That means it could call any system command using os.system()

Discovery 2018-06-27
Entry 2019-04-23
py27-yaml
py35-yaml
py36-yaml
py37-yaml

< 4.1

CVE-2017-18342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342
https://github.com/yaml/pyyaml/pull/74