CVE-2022-1471 – Remote Code execution in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-1471
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond. La clase Constructor() de SnakeYaml no restringe los tipos de los que se pueden crear instancias durante la deserialización. • https://github.com/1fabunicorn/SnakeYAML-CVE-2022-1471-POC http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html http://www.openwall.com/lists/oss-security/2023/11/19/1 https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 https://github.com/mbechler/marshalsec https://groups.google.com/g/kubernetes-security-announce& • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVE-2022-41854 – Stack Overflow in Snakeyaml
https://notcve.org/view.php?id=CVE-2022-41854
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. Aquellos que usan Snakeyaml para analizar archivos YAML que no son de confianza pueden ser vulnerables a ataques de Denegación de Servicio (DoS). Si el analizador se ejecuta con la entrada proporcionada por el usuario, un atacante puede proporcionar contenido que provoque que el analizador falle por desbordamiento de la pila. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J https://security.netapp.com/advisory/ntap-20240315-0009 https://security.netapp.com/advisory/ntap-20240621- • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-38752 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38752
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. El uso de snakeYAML para analizar archivos YAML no confiables puede ser vulnerable a ataques de Denegación de Servicio (DOS). Si el analizador es ejecutado en la entrada suministrada por el usuario, un atacante puede suministrar contenido que hace que el analizador sea bloqueado por desbordamiento de pila A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash. • https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081 https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0009 https://access.redhat.com/security/cve/CVE-2022-38752 https://bugzilla.redhat.com/show_bug.cgi?id=2129710 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-38749 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38749
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. El uso de snakeYAML para analizar archivos YAML no confiables puede ser vulnerable a ataques de Denegación de Servicio (DOS). Si el analizador es ejecutado en la entrada suministrada por el usuario, un atacante puede suministrar el contenido que hace que el analizador sea bloqueado por stackoverflow A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service. • https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024 https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0010 https://access.redhat.com/security/cve/CVE-2022-38749 https://bugzilla.redhat.com/show_bug.cgi?id=2129706 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-38751 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38751
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. El uso de snakeYAML para analizar archivos YAML no confiables puede ser vulnerable a ataques de Denegación de Servicio (DOS). Si el analizador es ejecutado en la entrada suministrada por el usuario, un atacante puede suministrar el contenido que hace que el analizador sea bloqueado por desbordamiento de pila A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash. • https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039 https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0010 https://access.redhat.com/security/cve/CVE-2022-38751 https://bugzilla.redhat.com/show_bug.cgi?id=2129709 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •