CVE-2011-4104

The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2011/11/02/1	Patch
https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/	Vendor Advisory
https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2	Patch
http://www.openwall.com/lists/oss-security/2011/11/02/7
https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:djangoproject:tastypie:*:*:*:*:*:*:*:*

Information

Published : 2014-10-26 18:55

Updated : 2018-08-13 14:47

NVD link : CVE-2011-4104

Mitre link : CVE-2011-4104

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

djangoproject

tastypie

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2011/11/02/1", "name": "[oss-security] 20111102 Re: CVE request for Django-piston and Tastypie", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/", "name": "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2", "name": "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/02/7", "name": "[oss-security] 20111102 Re: Re: CVE request for Django-piston and Tastypie", "tags": [], "refsource": "MLIST"}, {"url": "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI", "name": "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-4104", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-10-27T01:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:djangoproject:tastypie:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "0.9.9"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-08-13T21:47Z"}