CVE-2019-20477
PyYAML: command execution through python/object/apply constructor in FullLoader
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.
PyYAML versiones 5.1 hasta 5.1.2, presenta restricciones insuficientes en las funciones load y load_all debido a un problema de deserialización de clase, por ejemplo, Popen es una clase en el módulo subprocess. NOTA: este problema se presenta debido a una corrección incompleta para el CVE-2017-18342.
A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/apply constructor.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-19 CVE Reserved
- 2020-02-19 CVE Published
- 2024-07-17 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-502: Deserialization of Untrusted Data
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://github.com/yaml/pyyaml/blob/master/CHANGES | Release Notes |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/download/47655 | 2024-08-05 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Pyyaml Search vendor "Pyyaml" | Pyyaml Search vendor "Pyyaml" for product "Pyyaml" | >= 5.1 <= 5.1.2 Search vendor "Pyyaml" for product "Pyyaml" and version " >= 5.1 <= 5.1.2" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 30 Search vendor "Fedoraproject" for product "Fedora" and version "30" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 31 Search vendor "Fedoraproject" for product "Fedora" and version "31" | - |
Affected
|