9.3

CVE-2021-38305

EPSS 0.64%
Published 09.08.2021 21:15:08
Last modified 21.11.2024 06:16:45
Source cve@mitre.org
Teams watchlist Login
Open Login

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each line is run through Python's eval function to make the validator available. A well-constructed string within the schema rules can execute system commands; thus, by exploiting the vulnerability, an attacker can run arbitrary code on the image that invokes Yamale.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

23andme ≫ Yamale Version < 3.0.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.64%	0.679

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://github.com/23andMe/Yamale/pull/165

Patch

Third Party Advisory

https://github.com/23andMe/Yamale/releases/tag/3.0.8

Third Party Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-38305

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-38305

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-38305

EUVD