CVE-2011-4104

The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2011/11/02/1	Patch
http://www.openwall.com/lists/oss-security/2011/11/02/7
https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2	Patch
https://groups.google.com/forum/#%21topic/django-tastypie/i2aNGDHTUBI
https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:djangoproject:tastypie:*:*:*:*:*:*:*:*

History

07 Nov 2023, 02:09

Type	Values Removed	Values Added
References	~~{'url': 'https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI', 'name': 'https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI', 'tags': [], 'refsource': 'CONFIRM'}~~	() https://groups.google.com/forum/#%21topic/django-tastypie/i2aNGDHTUBI -

Information

Published : 2014-10-27 01:55

Updated : 2023-12-10 11:31

NVD link : CVE-2011-4104

Mitre link : CVE-2011-4104

CVE.ORG link : CVE-2011-4104

JSON object : View

Products Affected

djangoproject

tastypie

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2011-4104", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-27T01:55:23.407", "references": [{"url": "http://www.openwall.com/lists/oss-security/2011/11/02/1", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/02/7", "source": "secalert@redhat.com"}, {"url": "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://groups.google.com/forum/#%21topic/django-tastypie/i2aNGDHTUBI", "source": "secalert@redhat.com"}, {"url": "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method."}, {"lang": "es", "value": "El m\u00e9todo from_yaml en serializers.py en Django Tastypie anterior a 0.9.10 no deserializa debidamente los datos YAML, lo que permite a atacantes remotos ejecutar c\u00f3digo Python arbitrario a trav\u00e9s de vectores relacionados con el m\u00e9todo yaml.load."}], "lastModified": "2023-11-07T02:09:15.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:djangoproject:tastypie:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6D983F7-056E-4271-B345-22B37205031B", "versionEndIncluding": "0.9.9"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}