Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS01bTIyLWNmcTktODZ4Ns4AA2cN

Pickle serialization vulnerable to Deserialization of Untrusted Data

What

We are using pickle as default serialization module but that has known security issues (see e.g. https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9).

In summary, it is not advisable to open Pickles that you create yourself locally. In vantage6, algorithms use pickles to send aggregated data around and to pack algorithm input or output. All of the Python algorithms that use the wrappers with default serialization are therefore vulnerable to this issue.

Solution: we should use JSON instead

Impact

All users of vantage6 that post tasks with algorithms that use the default serialization. The default serialization is used by default with all algorithm wrappers.

Patches

Not yet

Workarounds

Specify JSON serialization

Permalink: https://github.com/advisories/GHSA-5m22-cfq9-86x6
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01bTIyLWNmcTktODZ4Ns4AA2cN
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 1 year ago
Updated: 2 months ago

CVSS Score: 7.2
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Percentage: 0.00127
EPSS Percentile: 0.47785

Identifiers: GHSA-5m22-cfq9-86x6, CVE-2023-23930
References:

• https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6
• https://nvd.nist.gov/vuln/detail/CVE-2023-23930
• https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0
• https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400
• https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9
• https://github.com/pypa/advisory-database/tree/main/vulns/vantage6/PYSEC-2023-196.yaml
• https://github.com/advisories/GHSA-5m22-cfq9-86x6

Repository: https://github.com/vantage6/vantage6
Blast Radius: 6.9

Affected Packages