GHSA-rpch-cqj9-h65r
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rpch-cqj9-h65r
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-rpch-cqj9-h65r/GHSA-rpch-cqj9-h65r.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-rpch-cqj9-h65r
- Aliases
- Published
- 2018-10-16T17:01:10Z
- Modified
- 2023-11-08T03:59:37.602008Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- High severity vulnerability that affects YamlDotNet and YamlDotNet.Signed
- Details
-
YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. that can result in Code execution in the context of the running process. This attack appear to be exploitable via Victim must parse a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0.
- Database specific
{ "nvd_published_at": null, "github_reviewed_at": "2020-06-16T21:55:19Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-502", "CWE-639" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000210
- https://github.com/aaubry/YamlDotNet#version-500
- https://github.com/aaubry/YamlDotNet/blob/f96b7cc40a0498f8bafdeb49df3aa23aa2c60993/YamlDotNet/Serialization/NodeTypeResolvers/TypeNameInTagNodeTypeResolver.cs#L35
- https://github.com/advisories/GHSA-rpch-cqj9-h65r
- ps://github.com/aaubry/YamlDotNet
Affected packages
NuGet / YamlDotNet
Package
- Name
- YamlDotNet
- View open source insights on deps.dev
- Purl
- pkg:nuget/YamlDotNet
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.0
Affected versions
2.*
2.3.0-rc
3.*
3.0.0
3.1.0
3.1.1
3.2.0
3.2.1
3.2.2
3.3.0
3.3.1
3.4.0
3.5.0
3.5.1
3.6.0
3.6.1
3.7.0-pre129
3.7.0
3.8.0-pre138
3.8.0-pre143
3.8.0-pre145
3.8.0-pre146
3.8.0-pre147
3.8.0-pre148
3.8.0-pre155
3.8.0-pre156
3.8.0-pre158
3.8.0-pre159
3.8.0-pre161
3.8.0-pre162
3.8.0-pre167
3.8.0-pre169
3.8.0-pre170
3.8.0-pre171
3.8.0-pre175
3.8.0-pre178
3.8.0-pre184
3.8.0-pre185
3.8.0-pre186
3.8.0-pre187
3.8.0-pre188
3.8.0-pre189
3.8.0-pre190
3.8.0-pre191
3.8.0-pre193
3.8.0-pre194
3.8.0-pre195
3.8.0-pre196
3.8.0-pre197
3.8.0-pre198
3.8.0-pre199
3.8.0-pre200
3.8.0-pre201
3.8.0-pre203
3.8.0-pre206
3.8.0-pre209
3.8.0-pre210
3.8.0-pre211
3.8.0-pre214
3.8.0-pre221
3.8.0-pre222
3.8.0-pre223
3.8.0-pre232
3.8.0-pre233
3.8.0
3.9.0-pre239
3.9.0-pre240
3.9.0-pre241
3.9.0-pre243
3.9.0-pre245
3.9.0-pre249
3.9.0-pre252
3.9.0-pre254
3.9.0-pre259
3.9.0-pre262
3.9.0-pre263
3.9.0-pre265
3.9.0-pre268
3.9.0-pre269
3.9.0-pre270
3.9.0-pre271
3.9.0-pre273
3.9.0-pre276
3.9.0
3.9.1-pre274
3.9.1-pre275
3.9.1-pre277
3.9.1-pre279
4.*
4.0.0-pre272
4.0.0
4.0.1-pre281
4.0.1-pre284
4.0.1-pre285
4.0.1-pre287
4.0.1-pre288
4.0.1-pre291
4.0.1-pre292
4.0.1-pre297
4.0.1-pre298
4.0.1-pre305
4.0.1-pre306
4.0.1-pre307
4.0.1-pre308
4.0.1-pre309
4.0.1-pre318
4.0.1-pre319
4.0.1-pre322
4.0.1-pre323
4.1.0
4.1.1-cake-build0352
4.1.1-netstandard0377
4.1.1-netstandard0378
4.1.1-netstandard0381
4.1.1-netstandard0382
4.1.1-netstandard0383
4.1.1-netstandard0384
4.1.1-netstandard0385
4.1.1-netstandard0386
4.1.1-netstandard0387
4.1.1-netstandard0388
4.1.1-netstandard0389
4.1.1-netstandard0390
4.1.1-netstandard0391
4.1.1-netstandard0392
4.1.1-netstandard0395
4.1.1-netstandard0398
4.1.1-netstandard0405
4.1.1-netstandard0407
4.1.1-pre0354
4.1.1-pre0355
4.1.1-pre0356
4.1.1-pre0357
4.1.1-pre324
4.1.1-pre325
4.2.0
4.2.1-issue-2600412
4.2.1
4.2.2-fix-build0447
4.2.2-fix-build0448
4.2.2-net200423
4.2.2-pre0424
4.2.2-pre0425
4.2.2
4.2.3-pre0452
4.2.3-pre0454
4.2.3-vCipher-master0456
4.2.3
4.2.4-cleanup-solution0459
4.2.4-cleanup-solution0460
4.2.4-cleanup-solution0461
4.2.4
4.2.5-pre0464
4.3.0
4.3.1-pre0469
4.3.1
4.3.2-issue-3140480
4.3.2-issue-3140481
4.3.2-pre0473
4.3.2-pre0476
4.3.2-pre0478
4.3.2-pre0479
4.3.2-pre0482
4.3.2-pre0483
4.3.2-pre0485
4.3.2-pre0486
4.3.2
4.3.3-pre0489
NuGet / YamlDotNet.Signed
Package
- Name
- YamlDotNet.Signed
- View open source insights on deps.dev
- Purl
- pkg:nuget/YamlDotNet.Signed
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.0
Affected versions
3.*
3.3.1
3.4.0
3.5.0
3.5.1
3.6.0
3.6.1
3.7.0-pre129
3.7.0
3.8.0-pre143
3.8.0-pre145
3.8.0-pre146
3.8.0-pre147
3.8.0-pre148
3.8.0-pre155
3.8.0-pre156
3.8.0-pre158
3.8.0-pre159
3.8.0-pre161
3.8.0-pre162
3.8.0-pre167
3.8.0-pre169
3.8.0-pre170
3.8.0-pre171
3.8.0-pre175
3.8.0-pre178
3.8.0-pre184
3.8.0-pre185
3.8.0-pre186
3.8.0-pre187
3.8.0-pre188
3.8.0-pre189
3.8.0-pre190
3.8.0-pre191
3.8.0-pre193
3.8.0-pre194
3.8.0-pre195
3.8.0-pre196
3.8.0-pre197
3.8.0-pre198
3.8.0-pre199
3.8.0-pre200
3.8.0-pre201
3.8.0-pre203
3.8.0-pre206
3.8.0-pre209
3.8.0-pre210
3.8.0-pre211
3.8.0-pre214
3.8.0-pre221
3.8.0-pre222
3.8.0-pre223
3.8.0-pre232
3.8.0-pre233
3.8.0
3.9.0-pre239
3.9.0-pre240
3.9.0-pre241
3.9.0-pre243
3.9.0-pre245
3.9.0-pre249
3.9.0-pre252
3.9.0-pre254
3.9.0-pre259
3.9.0-pre262
3.9.0-pre263
3.9.0-pre265
3.9.0-pre268
3.9.0-pre269
3.9.0-pre270
3.9.0-pre271
3.9.0-pre273
3.9.0-pre276
3.9.0
3.9.1-pre274
3.9.1-pre275
3.9.1-pre277
3.9.1-pre279
4.*
4.0.0-pre272
4.0.0
4.0.1-pre281
4.0.1-pre284
4.0.1-pre285
4.0.1-pre287
4.0.1-pre288
4.0.1-pre291
4.0.1-pre292
4.0.1-pre297
4.0.1-pre298
4.0.1-pre305
4.0.1-pre306
4.0.1-pre307
4.0.1-pre308
4.0.1-pre309
4.0.1-pre318
4.0.1-pre319
4.0.1-pre322
4.0.1-pre323
4.1.0
4.1.1-netstandard0377
4.1.1-netstandard0378
4.1.1-netstandard0381
4.1.1-netstandard0382
4.1.1-netstandard0383
4.1.1-netstandard0384
4.1.1-netstandard0385
4.1.1-netstandard0386
4.1.1-netstandard0387
4.1.1-netstandard0388
4.1.1-netstandard0389
4.1.1-netstandard0390
4.1.1-netstandard0391
4.1.1-netstandard0392
4.1.1-netstandard0395
4.1.1-netstandard0398
4.1.1-netstandard0405
4.1.1-netstandard0407
4.1.1-pre0354
4.1.1-pre0355
4.1.1-pre0356
4.1.1-pre0357
4.1.1-pre324
4.1.1-pre325
4.2.0
4.2.1-issue-2600412
4.2.1
4.2.2-fix-build0447
4.2.2-fix-build0448
4.2.2-net200423
4.2.2-pre0424
4.2.2-pre0425
4.2.2
4.2.3-pre0452
4.2.3-pre0454
4.2.3-vCipher-master0456
4.2.3
4.2.4-cleanup-solution0459
4.2.4-cleanup-solution0460
4.2.4-cleanup-solution0461
4.2.4
4.2.5-pre0464
4.3.0
4.3.1-pre0469
4.3.1
4.3.2-issue-3140480
4.3.2-issue-3140481
4.3.2-pre0473
4.3.2-pre0476
4.3.2-pre0478
4.3.2-pre0479
4.3.2-pre0482
4.3.2-pre0483
4.3.2-pre0485
4.3.2-pre0486
4.3.2
4.3.3-pre0489