9.8

CVE-2023-46302

Exploit

Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml  https://nvd.nist.gov/vuln/detail/CVE-2022-1471 .

Apache Submarine uses JAXRS to define REST endpoints.  In order to
handle YAML requests (using application/yaml content-type), it defines
a YamlEntityProvider entity provider that will process all incoming
YAML requests.  In order to unmarshal the request, the readFrom method
is invoked, passing the entityStream containing the user-supplied data in `submarine-server/server-core/src/main/java/org/apache/submarine/server/utils/YamlUtils.java`.
 
We have now fixed this issue in the new version by replacing to `jackson-dataformat-yaml`.
This issue affects Apache Submarine: from 0.7.0 before 0.8.0. Users are recommended to upgrade to version 0.8.0, which fixes this issue.
If using the version smaller than 0.8.0  and not want to upgrade, you can try cherry-pick PR  https://github.com/apache/submarine/pull/1054  and rebuild the submart-server image to fix this.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheSubmarine Version >= 0.7.0 < 0.8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.371
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.