cnvd - cnvd-2024-02671

CNVD-2024-02671

Vulnerability from cnvd - Published: 2024-02-01

Title

PyDrive2存在反序列化命令执行漏洞

Description

PyDrive2是Iterative开源的一个google-api-python-client的包装库。 PyDrive2存在反序列化命令执行漏洞，攻击者可利用该漏洞执行任意命令。

Severity

中

Patch Name

PyDrive2存在反序列化命令执行漏洞的补丁

Patch Description

PyDrive2是Iterative开源的一个google-api-python-client的包装库。 PyDrive2存在反序列化命令执行漏洞，攻击者可利用该漏洞执行任意命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5

Impacted products

Name
iterative PyDrive2 <=1.16.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-49297"
    }
  },
  "description": "PyDrive2\u662fIterative\u5f00\u6e90\u7684\u4e00\u4e2agoogle-api-python-client\u7684\u5305\u88c5\u5e93\u3002\n\nPyDrive2\u5b58\u5728\u53cd\u5e8f\u5217\u5316\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "\u9648\u7ea2\u677e\uff0c\u7f57\u8c22\u5929",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-02671",
  "openTime": "2024-02-01",
  "patchDescription": "PyDrive2\u662fIterative\u5f00\u6e90\u7684\u4e00\u4e2agoogle-api-python-client\u7684\u5305\u88c5\u5e93\u3002\r\n\r\nPyDrive2\u5b58\u5728\u53cd\u5e8f\u5217\u5316\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "PyDrive2\u5b58\u5728\u53cd\u5e8f\u5217\u5316\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "iterative PyDrive2 \u003c=1.16.2"
  },
  "serverity": "\u4e2d",
  "submitTime": "2023-12-18",
  "title": "PyDrive2\u5b58\u5728\u53cd\u5e8f\u5217\u5316\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}

CVE-2023-49297 (GCVE-0-2023-49297)

Vulnerability from cvelistv5 – Published: 2023-12-05 20:51 – Updated: 2025-02-13 17:18

Summary

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via `LoadSettingsFile`. This is a deserilization attack that will affect any user who initializes GoogleAuth from this package while a malicious yaml file is present in the same directory. This vulnerability does not require the file to be directly loaded through the code, only present. This issue has been addressed in commit `c57355dc` which is included in release version `1.16.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity ?

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

GitHub_M

References

URL

Tags

	https://github.com/iterative/PyDrive2/security/ad…	x_refsource_CONFIRM
	https://github.com/iterative/PyDrive2/commit/c573…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

	Vendor	Product	Version
	iterative	PyDrive2	Affected: < 1.16.2 Affected: = 1.17.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:53:45.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5"
          },
          {
            "name": "https://github.com/iterative/PyDrive2/commit/c57355dc2033ad90b7050d681b2c3ba548ff0004",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/iterative/PyDrive2/commit/c57355dc2033ad90b7050d681b2c3ba548ff0004"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYR5SJKOFSSXFV3E3D2SLXBUBA5WMJJG/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K34YWTDKBAYWZPOAKBYDM72WIFL5CAYW/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PyDrive2",
          "vendor": "iterative",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.16.2"
            },
            {
              "status": "affected",
              "version": "= 1.17.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via `LoadSettingsFile`. This is a deserilization attack that will affect any user who initializes GoogleAuth from this package while a malicious yaml file is present in the same directory. This vulnerability does not require the file to be directly loaded through the code, only present. This issue has been addressed in commit `c57355dc` which is included in release version `1.16.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502: Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-16T02:06:33.057Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/iterative/PyDrive2/security/advisories/GHSA-v5f6-hjmf-9mc5"
        },
        {
          "name": "https://github.com/iterative/PyDrive2/commit/c57355dc2033ad90b7050d681b2c3ba548ff0004",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/iterative/PyDrive2/commit/c57355dc2033ad90b7050d681b2c3ba548ff0004"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYR5SJKOFSSXFV3E3D2SLXBUBA5WMJJG/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K34YWTDKBAYWZPOAKBYDM72WIFL5CAYW/"
        }
      ],
      "source": {
        "advisory": "GHSA-v5f6-hjmf-9mc5",
        "discovery": "UNKNOWN"
      },
      "title": "Unsafe YAML deserialization in PyDrive2"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-49297",
    "datePublished": "2023-12-05T20:51:24.143Z",
    "dateReserved": "2023-11-24T16:45:24.314Z",
    "dateUpdated": "2025-02-13T17:18:41.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2024-02671

CVE-2023-49297 (GCVE-0-2023-49297)

Tags

Sightings

Nomenclature