GHSA-4574-qv3w-fcmg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-4574-qv3w-fcmg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-4574-qv3w-fcmg/GHSA-4574-qv3w-fcmg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-4574-qv3w-fcmg
- Aliases
- Published
- 2021-09-01T18:36:15Z
- Modified
- 2025-01-14T09:11:57.857547Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Deserialization of Untrusted Data in codeception/codeception
- Details
-
This affects the package codeception/codeception from 4.0.0 before 4.1.22 and before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation.
- Database specific
{ "github_reviewed": true, "severity": "CRITICAL", "nvd_published_at": "2021-08-11T13:15:00Z", "github_reviewed_at": "2021-08-30T19:17:39Z", "cwe_ids": [ "CWE-502" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-23420
- https://github.com/Codeception/Codeception/pull/6241
- https://github.com/Codeception/Codeception/commit/802a108057d250ee563120eaa5365a519afc0a71
- https://github.com/Codeception/Codeception/commit/cbce9ea7f4664052fa1ac6b36f5b5a6dbd864d71
- https://github.com/Codeception/Codeception
- https://github.com/Codeception/Codeception/blob/4.1/CHANGELOG-4.x.md#4122
- https://github.com/Codeception/Codeception/blob/4.1/ext/RunProcess.php#L52
- https://github.com/FriendsOfPHP/security-advisories/blob/master/codeception/codeception/CVE-2021-23420.yaml
- https://github.com/JinYiTong/poc
- https://github.com/advisories/GHSA-4574-qv3w-fcmg
- https://snyk.io/vuln/SNYK-PHP-CODECEPTIONCODECEPTION-1324585
Affected packages
Packagist / codeception/codeception
Package
- Name
- codeception/codeception
- Purl
- pkg:composer/codeception/codeception
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.1.3
Affected versions
1.*
1.0.9
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
1.1.0
1.1.2
1.1.3
1.1.4
1.1.5
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.6.0
1.6.0.1
1.6.0.3
1.6.0.4
1.6.1
1.6.1.1
1.6.2
1.6.3
1.6.3.1
1.6.4
1.6.4.1
1.6.4.2
1.6.5
1.6.6
1.6.7
1.6.8
1.6.8.1
1.6.11
1.6.12
1.7.0
1.7.0.1
1.7.0.2
1.7.1
1.7.2
1.7.3
1.7.4
1.8.0
1.8.0.1
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
2.*
2.0.0-alpha
2.0.0-beta
2.0.0-RC
2.0.0-RC2
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.10
2.0.10.1
2.0.11
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.1.0-beta
2.1.0-rc1
2.1.0
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
2.1.7
2.1.8
2.1.9
2.1.10
2.1.11
2.2.0-beta
2.2.0-RC
2.2.0-RC2
2.2.0
2.2.1
2.2.2
2.2.3
2.2.4
2.2.5
2.2.6
2.2.7
2.2.8
2.2.9
2.2.10
2.2.11
2.2.12
2.3.0
2.3.1
2.3.2
2.3.3
2.3.4
2.3.5
2.3.6
2.3.7
2.3.8
2.3.9
2.4.0
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4
2.5.5
2.5.6
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
3.1.2
Packagist / codeception/codeception
Package
- Name
- codeception/codeception
- Purl
- pkg:composer/codeception/codeception