CVE-2016-4972 – python-muranoclient
Package
Manager: pip
Name: python-muranoclient
Vulnerable Version: >=0 <0.7.3 || >=0.8.0 <0.8.5
Severity
Level: Critical
CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.03928 (percentile 0.87858)
Details
OpenStack Murano Code Execution
OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5 (mitaka) improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files, which allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages.
Metadata
Created: 2022-05-17T03:48:22Z
Modified: 2024-10-25T20:43:52Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-87r7-q54j-f9qg/GHSA-87r7-q54j-f9qg.json
CWE IDs: CWE-20
Alternative ID: GHSA-87r7-q54j-f9qg
Finding: F184
Auto approve: 1