Common Weakness Enumeration

CWE-502

Allowed

Deserialization of Untrusted Data

Abstraction: Base · Status: Draft

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

4797 vulnerabilities reference this CWE, most recent first.

GHSA-54Q6-CWPF-M2C8

Vulnerability from github – Published: 2023-05-09 15:30 – Updated: 2024-04-04 03:55
VLAI
Details

A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-30898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-09T13:15:18Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Siveillance Video 2020 R2 (All versions \u003c V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions \u003c V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions \u003c V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions \u003c V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions \u003c V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions \u003c V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions \u003c V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions \u003c V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system.",
  "id": "GHSA-54q6-cwpf-m2c8",
  "modified": "2024-04-04T03:55:27Z",
  "published": "2023-05-09T15:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30898"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789345.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-554M-HJXR-QF42

Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2026-04-01 18:35
VLAI
Details

Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical Clinic allows Object Injection. This issue affects MediCenter - Health Medical Clinic: from n/a through 15.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54014"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-20T08:15:45Z",
    "severity": "CRITICAL"
  },
  "details": "Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical Clinic allows Object Injection. This issue affects MediCenter - Health Medical Clinic: from n/a through 15.1.",
  "id": "GHSA-554m-hjxr-qf42",
  "modified": "2026-04-01T18:35:56Z",
  "published": "2025-08-20T09:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54014"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/theme/medicenter/vulnerability/wordpress-medicenter-health-medical-clinic-15-1-php-object-injection-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-556J-VV66-V5JP

Vulnerability from github – Published: 2026-07-01 21:36 – Updated: 2026-07-02 18:36
VLAI
Details

An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-51947"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-01T19:16:53Z",
    "severity": "CRITICAL"
  },
  "details": "An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253.",
  "id": "GHSA-556j-vv66-v5jp",
  "modified": "2026-07-02T18:36:24Z",
  "published": "2026-07-01T21:36:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-51947"
    },
    {
      "type": "WEB",
      "url": "https://support.pivotal.aurea.com/article/129552-remediating-insecure-deserialization-cwe-502-in-pivotal-6-6-04-08-smart-client-pbs"
    },
    {
      "type": "WEB",
      "url": "https://timtimxs.github.io/CVE-2026-39253-Advisory"
    },
    {
      "type": "WEB",
      "url": "https://timtimxs.github.io/CVE-2026-51947-Advisory"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-55G9-6C2X-GF8Q

Vulnerability from github – Published: 2025-05-26 09:30 – Updated: 2025-06-06 15:37
VLAI
Summary
HumanSignal label-studio-ml-backend Deserialization of Untrusted Data vulnerability
Details

A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/label_studio_ml/examples/yolo/utils/neural_nets.py of the component PT File Handler. The manipulation of the argument path leads to deserialization. An attack has to be approached locally. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "label-studio-ml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-5173"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-06T15:37:46Z",
    "nvd_published_at": "2025-05-26T07:15:26Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/label_studio_ml/examples/yolo/utils/neural_nets.py of the component PT File Handler. The manipulation of the argument path leads to deserialization. An attack has to be approached locally. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.",
  "id": "GHSA-55g9-6c2x-gf8q",
  "modified": "2025-06-06T15:37:46Z",
  "published": "2025-05-26T09:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5173"
    },
    {
      "type": "WEB",
      "url": "https://github.com/HumanSignal/label-studio-ml-backend/issues/765"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/HumanSignal/label-studio-ml-backend"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.310261"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.310261"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.578126"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "HumanSignal label-studio-ml-backend Deserialization of Untrusted Data vulnerability"
}

GHSA-5639-7QCH-2GCR

Vulnerability from github – Published: 2024-12-21 09:30 – Updated: 2026-04-08 18:33
VLAI
Details

The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12721"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-21T07:15:09Z",
    "severity": "HIGH"
  },
  "details": "The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the \u0027wb_custom_tabs\u0027 parameter. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.",
  "id": "GHSA-5639-7qch-2gcr",
  "modified": "2026-04-08T18:33:46Z",
  "published": "2024-12-21T09:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12721"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/wb-custom-product-tabs-for-woocommerce/trunk/includes/class-wb-custom-product-tabs-for-woocommerce.php#L366"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3213473%40wb-custom-product-tabs-for-woocommerce\u0026new=3213473%40wb-custom-product-tabs-for-woocommerce\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3fdc6a04-ef39-498a-b739-f40d5d8af47e?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-565G-HWWR-4PP3

Vulnerability from github – Published: 2025-12-15 23:35 – Updated: 2025-12-20 02:30
VLAI
Summary
Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list
Details

Fickling Assessment

Based on the test case provided in the original report below, this bypass was caused by marshal and types missing from the block list of unsafe module imports, Fickling started blocking both modules to address this issue. This was fixed in https://github.com/trailofbits/fickling/pull/186. The crash is unrelated and has no security impact—it will be addressed separately.

Original report

Summary

There's missing detection for the python modules, marshal.loads and types.FunctionType and Fickling throws unhandled ValueErrors when the stack is deliberately exhausted.

Details

Fickling simply doesn't have the aforementioned modules in its list of unsafe imports and therefore it fails to get detected.

PoC

The following is a disassembled view of a malicious pickle file that uses these modules:

    0: \x80 PROTO      4
    2: \x95 FRAME      0
   11: \x8c SHORT_BINUNICODE 'marshal'
   20: \x8c SHORT_BINUNICODE 'loads'
   27: \x93 STACK_GLOBAL
   28: \x94 MEMOIZE    (as 0)
   29: h    BINGET     0
   31: C    SHORT_BINBYTES b'\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\xf30\x00\x00\x00\x95\x00S\x00S\x01K\x00r\x00\\\x00R\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"\x00S\x025\x01\x00\x00\x00\x00\x00\x00 \x00g\x01)\x03\xe9\x00\x00\x00\x00N\xda\x02id)\x02\xda\x02os\xda\x06system\xa9\x00\xf3\x00\x00\x00\x00\xda\x08<string>\xda\x08<module>r\t\x00\x00\x00\x01\x00\x00\x00s\x13\x00\x00\x00\xf0\x03\x01\x01\x01\xe3\x00\t\xd8\x00\x02\x87\t\x82\t\x88$\x85\x0fr\x07\x00\x00\x00'
  198: \x85 TUPLE1
  199: R    REDUCE
  200: \x94 MEMOIZE    (as 1)
  201: \x8c SHORT_BINUNICODE 'types'
  208: \x8c SHORT_BINUNICODE 'FunctionType'
  222: \x93 STACK_GLOBAL
  223: \x94 MEMOIZE    (as 2)
  224: h    BINGET     2
  226: h    BINGET     1
  228: }    EMPTY_DICT
  229: \x86 TUPLE2
  230: R    REDUCE
  231: \x94 MEMOIZE    (as 3)
  232: h    BINGET     3
  234: )    EMPTY_TUPLE
  235: R    REDUCE
  236: \x94 MEMOIZE    (as 4)
  237: \x8c SHORT_BINUNICODE 'gottem'
  245: b    BUILD
  246: .    STOP
 ```

When analyzing this modified file, safety_result.json shows:

{ "severity": "LIKELY_SAFE", "analysis": "Warning: Fickling failed to detect any overtly unsafe code,but the pickle file may still be unsafe.Do not unpickle this file if it is from an untrusted source!\n\n", "detailed_results": {} }


Furthermore, when we run `fickling -s <path_to_malicious_file>`, we also encounter this error:

Traceback (most recent call last): File "/fickling", line 7, in sys.exit(main()) ^^^^^^ File "/fickling/cli.py", line 163, in main safety_results = check_safety(pickled, json_output_path=json_output_path) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/analysis.py", line 408, in check_safety results = analyzer.analyze(pickled) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/analysis.py", line 65, in analyze context.analyze(a) File "/fickling/analysis.py", line 31, in analyze results = list(analysis.analyze(self)) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/analysis.py", line 196, in analyze for node in context.pickled.non_standard_imports(): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/fickle.py", line 826, in non_standard_imports for node in self.properties.imports: ^^^^^^^^^^^^^^^ File "/fickling/fickle.py", line 777, in properties self._properties.visit(self.ast) ^^^^^^^^ File "/fickling/fickle.py", line 833, in ast self._ast = Interpreter.interpret(self) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/fickle.py", line 1001, in interpret return Interpreter(pickled).to_ast() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/fickling/fickle.py", line 927, in to_ast self.run() File "/fickling/fickle.py", line 971, in run self.step() File "/fickling/fickle.py", line 989, in step opcode.run(self) File "/fickling/fickle.py", line 1767, in run raise ValueError("Exhausted the stack while searching for a MarkObject!") ValueError: Exhausted the stack while searching for a MarkObject! ```

Impact

This allows an attacker to craft a malicious pickle file that can bypass fickling since it misses detections for types.FunctionType and marshal.loads. A user who deserializes such a file, believing it to be safe, would inadvertently execute arbitrary code on their system. This impacts any user or system that uses Fickling to vet pickle files for security issues.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "fickling"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.1.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67747"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-184",
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-15T23:35:55Z",
    "nvd_published_at": "2025-12-16T01:15:52Z",
    "severity": "HIGH"
  },
  "details": "## Fickling Assessment\n\nBased on the test case provided in the original report below, this bypass was caused by `marshal` and `types` missing from the block list of unsafe module imports, Fickling started blocking both modules to address this issue. This was fixed in https://github.com/trailofbits/fickling/pull/186. The crash is unrelated and has no security impact\u2014it will be addressed separately.\n\n## Original report\n\n### Summary\nThere\u0027s missing detection for the python modules, `marshal.loads` and `types.FunctionType` and Fickling throws unhandled ValueErrors when the stack is deliberately exhausted.\n\n### Details\nFickling simply doesn\u0027t have the aforementioned modules in its list of unsafe imports and therefore it fails to get detected.\n\n### PoC\nThe following is a disassembled view of a malicious pickle file that uses these modules:\n```\n    0: \\x80 PROTO      4\n    2: \\x95 FRAME      0\n   11: \\x8c SHORT_BINUNICODE \u0027marshal\u0027\n   20: \\x8c SHORT_BINUNICODE \u0027loads\u0027\n   27: \\x93 STACK_GLOBAL\n   28: \\x94 MEMOIZE    (as 0)\n   29: h    BINGET     0\n   31: C    SHORT_BINBYTES b\u0027\\xe3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xf30\\x00\\x00\\x00\\x95\\x00S\\x00S\\x01K\\x00r\\x00\\\\\\x00R\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\\x00S\\x025\\x01\\x00\\x00\\x00\\x00\\x00\\x00 \\x00g\\x01)\\x03\\xe9\\x00\\x00\\x00\\x00N\\xda\\x02id)\\x02\\xda\\x02os\\xda\\x06system\\xa9\\x00\\xf3\\x00\\x00\\x00\\x00\\xda\\x08\u003cstring\u003e\\xda\\x08\u003cmodule\u003er\\t\\x00\\x00\\x00\\x01\\x00\\x00\\x00s\\x13\\x00\\x00\\x00\\xf0\\x03\\x01\\x01\\x01\\xe3\\x00\\t\\xd8\\x00\\x02\\x87\\t\\x82\\t\\x88$\\x85\\x0fr\\x07\\x00\\x00\\x00\u0027\n  198: \\x85 TUPLE1\n  199: R    REDUCE\n  200: \\x94 MEMOIZE    (as 1)\n  201: \\x8c SHORT_BINUNICODE \u0027types\u0027\n  208: \\x8c SHORT_BINUNICODE \u0027FunctionType\u0027\n  222: \\x93 STACK_GLOBAL\n  223: \\x94 MEMOIZE    (as 2)\n  224: h    BINGET     2\n  226: h    BINGET     1\n  228: }    EMPTY_DICT\n  229: \\x86 TUPLE2\n  230: R    REDUCE\n  231: \\x94 MEMOIZE    (as 3)\n  232: h    BINGET     3\n  234: )    EMPTY_TUPLE\n  235: R    REDUCE\n  236: \\x94 MEMOIZE    (as 4)\n  237: \\x8c SHORT_BINUNICODE \u0027gottem\u0027\n  245: b    BUILD\n  246: .    STOP\n ```\n\nWhen analyzing this modified file, safety_result.json shows:\n```\n{\n    \"severity\": \"LIKELY_SAFE\",\n    \"analysis\": \"Warning: Fickling failed to detect any overtly unsafe code,but the pickle file may still be unsafe.Do not unpickle this file if it is from an untrusted source!\\n\\n\",\n    \"detailed_results\": {}\n}\n```\n\nFurthermore, when we run `fickling -s \u003cpath_to_malicious_file\u003e`, we also encounter this error:\n```\nTraceback (most recent call last):\n  File \"\u003cpath\u003e/fickling\", line 7, in \u003cmodule\u003e\n    sys.exit(main())\n             ^^^^^^\n  File \"\u003cpath\u003e/fickling/cli.py\", line 163, in main\n    safety_results = check_safety(pickled, json_output_path=json_output_path)\n                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/analysis.py\", line 408, in check_safety\n    results = analyzer.analyze(pickled)\n              ^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/analysis.py\", line 65, in analyze\n    context.analyze(a)\n  File \"\u003cpath\u003e/fickling/analysis.py\", line 31, in analyze\n    results = list(analysis.analyze(self))\n              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/analysis.py\", line 196, in analyze\n    for node in context.pickled.non_standard_imports():\n                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 826, in non_standard_imports\n    for node in self.properties.imports:\n                ^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 777, in properties\n    self._properties.visit(self.ast)\n                           ^^^^^^^^\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 833, in ast\n    self._ast = Interpreter.interpret(self)\n                ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 1001, in interpret\n    return Interpreter(pickled).to_ast()\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 927, in to_ast\n    self.run()\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 971, in run\n    self.step()\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 989, in step\n    opcode.run(self)\n  File \"\u003cpath\u003e/fickling/fickle.py\", line 1767, in run\n    raise ValueError(\"Exhausted the stack while searching for a MarkObject!\")\nValueError: Exhausted the stack while searching for a MarkObject!\n```\n\n### Impact\nThis allows an attacker to craft a malicious pickle file that can bypass fickling since it misses detections for `types.FunctionType` and `marshal.loads`. A user who deserializes such a file, believing it to be safe, would inadvertently execute arbitrary code on their system. This impacts any user or system that uses Fickling to vet pickle files for security issues.",
  "id": "GHSA-565g-hwwr-4pp3",
  "modified": "2025-12-20T02:30:33Z",
  "published": "2025-12-15T23:35:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/trailofbits/fickling/security/advisories/GHSA-565g-hwwr-4pp3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67747"
    },
    {
      "type": "WEB",
      "url": "https://github.com/trailofbits/fickling/pull/186"
    },
    {
      "type": "WEB",
      "url": "https://github.com/trailofbits/fickling/commit/4e34561301bda1450268d1d7b0b2b151de33b913"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/trailofbits/fickling"
    },
    {
      "type": "WEB",
      "url": "https://github.com/trailofbits/fickling/releases/tag/v0.1.6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list"
}

GHSA-56C5-9V4W-8RJP

Vulnerability from github – Published: 2024-06-12 21:31 – Updated: 2024-06-12 21:31
VLAI
Details

There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3468"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-12T21:15:50Z",
    "severity": null
  },
  "details": "There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.",
  "id": "GHSA-56c5-9v4w-8rjp",
  "modified": "2024-06-12T21:31:19Z",
  "published": "2024-06-12T21:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3468"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-163-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-56CF-PH82-J46R

Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-26 18:31
VLAI
Details

Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through < 2.31.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-25032"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T17:16:42Z",
    "severity": "CRITICAL"
  },
  "details": "Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through \u003c 2.31.",
  "id": "GHSA-56cf-ph82-j46r",
  "modified": "2026-03-26T18:31:33Z",
  "published": "2026-03-25T18:31:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25032"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Theme/ricky/vulnerability/wordpress-ricky-theme-2-31-php-object-injection-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-56F8-PJC6-475M

Vulnerability from github – Published: 2026-03-05 06:30 – Updated: 2026-03-09 18:31
VLAI
Details

Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object Injection.This issue affects Celeste: from n/a through <= 1.3.6.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-27369"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-05T06:16:26Z",
    "severity": "HIGH"
  },
  "details": "Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object Injection.This issue affects Celeste: from n/a through \u003c= 1.3.6.",
  "id": "GHSA-56f8-pjc6-475m",
  "modified": "2026-03-09T18:31:38Z",
  "published": "2026-03-05T06:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27369"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Theme/celeste/vulnerability/wordpress-celeste-theme-1-3-6-php-object-injection-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-56M9-5M6M-WM57

Vulnerability from github – Published: 2022-02-01 00:00 – Updated: 2026-07-05 03:30
VLAI
Details

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42631"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-31T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.",
  "id": "GHSA-56m9-5m6m-wm57",
  "modified": "2026-07-05T03:30:45Z",
  "published": "2022-02-01T00:00:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42631"
    },
    {
      "type": "WEB",
      "url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
    },
    {
      "type": "WEB",
      "url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
    },
    {
      "type": "WEB",
      "url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
    },
    {
      "type": "WEB",
      "url": "https://www.printerlogic.com/security-bulletin"
    },
    {
      "type": "WEB",
      "url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
    },
    {
      "type": "WEB",
      "url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert"
    },
    {
      "type": "WEB",
      "url": "http://printerlogic.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.

Mitigation
Implementation

When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.

Mitigation
Implementation

Explicitly define a final object() to prevent deserialization.

Mitigation
Architecture and Design Implementation
  • Make fields transient to protect them from deserialization.
  • An attempt to serialize and then deserialize a class containing transient fields will result in NULLs where the transient data should be. This is an excellent way to prevent time, environment-based, or sensitive variables from being carried over and used improperly.
Mitigation
Implementation

Avoid having unnecessary types or gadgets (a sequence of instances and method invocations that can self-execute during the deserialization process, often found in libraries) available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.

Mitigation
Architecture and Design Implementation

Employ cryptography of the data or code for protection. However, it's important to note that it would still be client-side security. This is risky because if the client is compromised then the security implemented on the client (the cryptography) can be bypassed.

Mitigation MIT-29
Operation

Strategy: Firewall

Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].

CAPEC-586: Object Injection

An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.