
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwY2gtY3FqOS1oNjVy

Severity: High
EPSS: 0.00339% (0.55637 percentile)

High severity vulnerability that affects YamlDotNet and YamlDotNet.Signed

Affected package: nuget:YamlDotNet.Signed
PURL: pkg:nuget/YamlDotNet.Signed
Affected versions: <= 4.3.2
Fixed version: 5.0.0
Dependent packages: 28
Dependent repositories: 0

Affected Version Ranges

All affected versions

3.3.1, 3.4.0, 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, 3.8.0, 3.9.0, 4.0.0, 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.3.0, 4.3.1, 4.3.2

All unaffected versions

5.0.0, 5.0.1, 5.1.0, 5.2.0, 5.2.1, 5.3.0, 5.3.1, 5.4.0, 6.0.0

Affected package: nuget:YamlDotNet
PURL: pkg:nuget/YamlDotNet
Affected versions: <= 4.3.2
Fixed version: 5.0.0
Dependent packages: 560
Dependent repositories: 0
Downloads total: 341,731,549

Affected Version Ranges

All affected versions

3.0.0, 3.1.0, 3.1.1, 3.2.0, 3.2.1, 3.2.2, 3.3.0, 3.3.1, 3.4.0, 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, 3.8.0, 3.9.0, 4.0.0, 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.3.0, 4.3.1, 4.3.2

All unaffected versions

5.0.0, 5.0.1, 5.1.0, 5.2.0, 5.2.1, 5.3.0, 5.3.1, 5.4.0, 6.0.0, 6.1.1, 6.1.2, 7.0.0, 8.0.0, 8.1.0, 8.1.1, 8.1.2, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 10.0.0, 10.1.0, 11.0.1, 11.1.0, 11.1.1, 11.2.0, 11.2.1, 12.0.0, 12.0.1, 12.0.2, 12.1.0, 12.2.0, 12.2.1, 12.3.0, 12.3.1, 13.0.0, 13.0.1, 13.0.2, 13.1.0, 13.1.1, 13.2.0, 13.3.1, 13.4.0, 13.5.0, 13.5.1, 13.5.2, 13.7.0, 13.7.1, 15.1.0, 15.1.1, 15.1.2, 15.1.4, 15.1.6, 15.3.0, 16.0.0, 16.1.0, 16.1.1, 16.1.2, 16.1.3, 16.2.0, 16.2.1, 16.3.0

YamlDotNet version 4.3.2 and earlier contains an Insecure Direct Object Reference vulnerability: the default behavior of Deserializer.Deserialize() resolves user-controlled type tags in the line `currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);` and blindly instantiates the resulting types, which can result in code execution in the context of the running process. The attack appears to be exploitable when the victim parses a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0.
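The defensive side of the description above, as an added example that is not part of this advisory or of the YamlDotNet project: on a fixed release (5.0.0 or later) a YAML tag is resolved only through an explicit tag-to-type mapping registered on the DeserializerBuilder, rather than by passing the tag text to Type.GetType(). The application type `Config`, the `!config` tag, and both YAML documents are constructed for the illustration; the assumption is that a document carrying a tag outside the registered mapping is rejected with a YamlException instead of being resolved to an arbitrary type.

```csharp
using System;
using System.IO;
using YamlDotNet.Core;
using YamlDotNet.Serialization;

// Hypothetical application type: the only type a "!config" tag is allowed to produce.
public class Config
{
    public string Name { get; set; }
    public int Retries { get; set; }
}

public static class SafeYamlLoading
{
    // YamlDotNet >= 5.0.0: tags are looked up in this explicit allow-list only.
    // In <= 4.3.2 the default deserializer instead called Type.GetType() on the
    // tag text, so the document author chose which type got instantiated.
    private static readonly IDeserializer Deserializer = new DeserializerBuilder()
        .WithTagMapping("!config", typeof(Config))
        .Build();

    public static Config Load(string yaml)
    {
        using (var reader = new StringReader(yaml))
        {
            return Deserializer.Deserialize<Config>(reader);
        }
    }

    public static void Main()
    {
        // Constructed input carrying the permitted tag; deserializes to Config.
        const string trusted = "!config\nName: web\nRetries: 3\n";
        Config cfg = Load(trusted);
        Console.WriteLine($"loaded: {cfg.Name} retries={cfg.Retries}");

        // Constructed input carrying a tag that is not in the mapping. With the
        // explicit mapping the tag is not resolved to a type at all; the parse
        // fails and nothing chosen by the document author is instantiated.
        const string untrusted = "!NotRegistered\nName: x\n";
        try
        {
            Load(untrusted);
            Console.WriteLine("unexpected: untagged type was accepted");
        }
        catch (YamlException ex)
        {
            Console.WriteLine($"rejected untrusted tag: {ex.Message}");
        }
    }
}
```

The practical check for a code base that depends on YamlDotNet is therefore twofold: the package version must be 5.0.0 or later, and any place that needs polymorphic deserialization must register its types with WithTagMapping rather than relying on tags in the input to select them.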
