CVE-2017-16763
published 2017-11-10
Priority P260 · critical · 9.8 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 4.44% (90.2th percentile)
An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigger this vulnerability.
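An added example (not Confire's code and not part of the advisory): a static check for the pattern described above, a yaml.load call made without a safe Loader, which is what code review or CI would look for. It uses only Python's standard ast module; the sample source is constructed, and the check assumes the module is imported under the name yaml.

```python
import ast

# Loader classes shipped with PyYAML that do not construct arbitrary Python objects.
SAFE_LOADERS = {"SafeLoader", "CSafeLoader", "BaseLoader", "CBaseLoader"}
RISKY_CALLS = {"load", "load_all"}

def _name(node):
    """Trailing identifier of a Name/Attribute node (yaml.SafeLoader -> SafeLoader)."""
    return getattr(node, "attr", None) or getattr(node, "id", None)

def find_unsafe_yaml_loads(source, filename="<src>"):
    """Return sorted (line, call) pairs for yaml.load/load_all without a safe Loader."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        func = node.func
        if func.attr not in RISKY_CALLS or _name(func.value) != "yaml":
            continue
        # Loader may be given by keyword or as the second positional argument.
        loader = next((kw.value for kw in node.keywords if kw.arg == "Loader"), None)
        if loader is None and len(node.args) > 1:
            loader = node.args[1]
        if _name(loader) not in SAFE_LOADERS:
            findings.append((node.lineno, "yaml." + func.attr))
    return sorted(findings)

# Constructed sample modelled on the pattern the advisory describes
# (a per-user YAML config file passed to yaml.load); not Confire's actual code.
SAMPLE = '''\
import os, yaml
def load_user_config():
    with open(os.path.expanduser("~/.confire.yaml")) as fh:
        return yaml.load(fh)                     # flagged: default loader
def load_pinned(fh):
    return yaml.load(fh, Loader=yaml.SafeLoader) # ok
def load_safe(fh):
    return yaml.safe_load(fh)                    # ok
def load_many(fh):
    return list(yaml.load_all(fh, yaml.Loader))  # flagged: full loader
'''

if __name__ == "__main__":
    for line, call in find_unsafe_yaml_loads(SAMPLE):
        print(f"line {line}: {call}() without a safe Loader")
```

A Loader expression the check cannot resolve statically (for example, one returned by a function call) is reported as well, so it gets a manual look.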
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| confire_project | confire | — | — |
| confire_project | confire | >= 0 < 8cc86a5ec2327e070f1d576d61bbaadf861597ea | 8cc86a5ec2327e070f1d576d61bbaadf861597ea |
| confire_project | confire | 0 – 0.2.0 | — |
| confire_project | confire | >= 0.1.0 | — |
CVSS provenance
nvd · v3.0 · 9.8 CRITICAL · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
GHSA
Unsafe deserialization in confire
ghsa·2018-07-18
CVE-2017-16763 [CRITICAL] Unsafe deserialization in confire
OSV
Unsafe deserialization in confire
osv·2018-07-18
CVE-2017-16763 [CRITICAL] Unsafe deserialization in confire
OSV
CVE-2017-16763: An exploitable vulnerability exists in the YAML parsing functionality in config
osv·2017-11-10
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/bbengfort/confire/commit/8cc86a5ec2327e070f1d576d61bbaadf861597ea
https://github.com/bbengfort/confire/issues/24
https://joel-malwarebenchmark.github.io/blog/2017/11/12/cve-2017-16763-configure-loaded-through-confire/
2017-11-10
Published