YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. that can result in Code execution in the context of the running process. This attack appear to be exploitable via Victim must parse a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0.
mkoertgen
commented
5 years ago
CVE-2018-1000210 - High Severity Vulnerability
Stamps an assembly with git information based on SemVer.
path: /FontAwesome.Sharp/FontEnumGenerator/packages.config,/FontAwesome.Sharp/TestWpf/packages.config,/FontAwesome.Sharp/FontAwesome.Sharp/packages.config,/FontAwesome.Sharp/FontAwesome.Sharp.Tests/packages.config,/FontAwesome.Sharp/TestForms/packages.config
Library home page: https://api.nuget.org/packages/gitversiontask.4.0.0.nupkg
Dependency Hierarchy: - :x: **gitversiontask.4.0.0.nupkg** (Vulnerable Library)YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. that can result in Code execution in the context of the running process. This attack appear to be exploitable via Victim must parse a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0.
Publish Date: 2018-07-13
URL: CVE-2018-1000210
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Step up your Open Source Security Game with WhiteSource here