VYPR

CWE-502

Deserialization of Untrusted Data

Base · Draft · Likelihood: Medium

Description

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-586

CVEs mapped to this weakness (1,721)

page 39 of 87
  • CVE-2020-11067 · High · May 14, 2020
    risk 0.57 · cvss 8.8 · epss 0.02

    In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that backend user settings (in $BE_USER->uc) are vulnerable to insecure deserialization. In combination with vulnerabilities of third party components, this can lead to remote code execution. A…

  • CVE-2020-7610 · Critical · Mar 30, 2020
    risk 0.57 · cvss 9.8 · epss 0.02

    All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsontype, leading to cases where an object is serialized as a document rather than the intended BSON type.

  • CVE-2020-2168 · High · Mar 25, 2020
    risk 0.57 · cvss 8.8 · epss 0.02

    Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

  • CVE-2020-2167 · High · Mar 25, 2020
    risk 0.57 · cvss 8.8 · epss 0.02

    Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

  • CVE-2020-2166 · High · Mar 25, 2020
    risk 0.57 · cvss 8.8 · epss 0.02

    Jenkins Pipeline: AWS Steps Plugin 1.40 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

  • CVE-2020-2158 · High · Mar 9, 2020
    risk 0.57 · cvss 8.8 · epss 0.03

    Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

  • CVE-2019-14893 · Critical · Mar 2, 2020
    risk 0.57 · cvss 9.8 · epss 0.04

    A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as…

  • CVE-2019-14892 · Critical · Mar 2, 2020
    risk 0.57 · cvss 9.8 · epss 0.05

    A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.

  • CVE-2020-9546 · Critical · Mar 2, 2020
    risk 0.57 · cvss 9.8 · epss 0.05

    FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

  • CVE-2020-2121 · High · Feb 12, 2020
    risk 0.57 · cvss 8.8 · epss 0.03

    Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

  • CVE-2019-20330 · Critical · Jan 3, 2020
    risk 0.57 · cvss 9.8 · epss 0.09

    FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.

  • CVE-2019-19849 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel…

  • CVE-2019-17531 · Critical · Oct 12, 2019
    risk 0.57 · cvss 9.8 · epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the…

  • CVE-2019-17267 · Critical · Oct 7, 2019
    risk 0.57 · cvss 9.8 · epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

  • CVE-2019-17206 · Critical · Oct 5, 2019
    risk 0.57 · cvss 9.8 · epss 0.03

    Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts.

  • CVE-2019-16943 · Critical · Oct 1, 2019
    risk 0.57 · cvss 9.8 · epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an…

  • CVE-2019-16942 · Critical · Oct 1, 2019
    risk 0.57 · cvss 9.8 · epss 0.06

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and…

  • CVE-2019-16335 · Critical · Sep 15, 2019
    risk 0.57 · cvss 9.8 · epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

  • CVE-2018-11307 · Critical · Jul 9, 2019
    risk 0.57 · cvss 9.8 · epss 0.06

    An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

  • CVE-2019-1000005 · High · Feb 4, 2019
    risk 0.57 · cvss 8.8 · epss 0.02

    mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of Untrusted Data vulnerability in getImage() method of Image/ImageProcessor class that can result in arbitrary code execution, file write, etc. This attack appears to be exploitable via attacker must host crafted…