logo

Database

Insecure deserialization In vantage6

Description

Pickle serialization vulnerable to Deserialization of Untrusted Data

What

We are using pickle as default serialization module but that has known security issues (see e.g. https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9).

In summary, it is not advisable to open Pickles that you create yourself locally. In vantage6, algorithms use pickles to send aggregated data around and to pack algorithm input or output. All of the Python algorithms that use the wrappers with default serialization are therefore vulnerable to this issue.

Solution: we should use JSON instead

Impact

All users of vantage6 that post tasks with algorithms that use the default serialization. The default serialization is used by default with all algorithm wrappers.

Patches

Not yet

Workarounds

Specify JSON serialization

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-239302. NVD-2023-239303. OSV-2023-239304. GHSA-5m22-cfq9-86x65. GCVE-2023-23930

References

1. https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x62. https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f03. https://github.com/pypa/advisory-database/tree/main/vulns/vantage6/PYSEC-2023-196.yaml4. https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#4005. https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.