View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0017590 | CentOS-8 | PyYAML | public | 2020-07-14 00:06 | 2020-07-14 00:06 |
Reporter | tylarb | Assigned To | |||
Priority | high | Severity | major | Reproducibility | always |
Status | new | Resolution | open | ||
Product Version | 8.2.2004 | ||||
Summary | 0017590: PyYAML shipped in Centos8 is susceptible to CVE-2017-18342 | ||||
Description | The version of PyYAML shipped with Centos 8 is based off of PyYAML 3.12, and is succeptable to CVE-2017-18342 https://nvd.nist.gov/vuln/detail/CVE-2017-18342 I expected that the patch marking yaml.load deprecated would be applied here. See here for details: https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation | ||||
Steps To Reproduce | yum install python3-pyyaml [root@5437a2df8784 /]# python3 Python 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 (Red Hat 8.3.1-4)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import yaml >>> print(yaml.__version__) 3.12 >>> yaml.load("!!python/object/new:os.system [echo EXPLOIT!]") EXPLOIT! 0 | ||||
Additional Information | It looks like the CVE has been fixed in Fedora, as noted in this bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1595744 | ||||
Tags | security | ||||