CWE-95
AllowedImproper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Abstraction: Variant · Status: Incomplete
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
264 vulnerabilities reference this CWE, most recent first.
GHSA-2C85-RFCC-G74J
Vulnerability from github – Published: 2026-06-18 13:06 – Updated: 2026-06-18 13:06Summary
Karate Mock Server can execute embedded expressions found in attacker-controlled HTTP request data when a Mock Server feature assigns request-derived values such as request, requestHeaders, or requestParams to variables.
In affected scenarios, an unauthenticated remote attacker can place a Karate embedded expression such as #(Java.type(...)) in the HTTP body, headers, or query parameters. The Mock Server then recursively processes that untrusted data as embedded expressions and evaluates it server-side, which can lead to arbitrary command execution under the privileges of the Karate Mock Server process.
This issue does not require the attacker to control the feature file. The vulnerable precondition is that the Mock Server feature uses request-derived data in a way that passes through Karate expression evaluation, for example:
* def body = request
* def hdrs = requestHeaders
* def params = requestParams
Details
The issue is caused by a missing trust boundary between HTTP request-derived data and Karate feature-authored embedded expressions.
In MockHandler, the current HTTP request is stored and request-derived values are exposed to the Karate runtime. For example, the request body is made available through the request binding:
// MockHandler.java
this.currentRequest = request;
request.processBody();
engine.put("request", (JsLazy) () ->
currentRequest != null ? currentRequest.getBodyConverted() : null);
HttpRequest.getBodyConverted() converts attacker-controlled JSON request bodies into Java objects such as Map<String, Object>:
// HttpRequest.java
public Object getBodyConverted() {
ResourceType rt = getResourceType();
if (rt != null && rt.isBinary()) { return body; }
return HttpUtils.fromBytes(body, false, rt);
}
When a Mock Server feature contains a step such as:
* def body = request
the expression request is evaluated by StepExecutor.executeDef() through evalKarateExpression():
// StepExecutor.java
Object value = evalKarateExpression(expr);
runtime.setVariable(name, value);
Inside evalKarateExpression(), the evaluated value is processed as embedded-expression content if it is a Map or List:
// StepExecutor.java
Object value = runtime.eval(wrapJsonLikeExpression(expr));
if (value instanceof Map || value instanceof List) {
value = processEmbeddedExpressions(value, true);
}
This is the vulnerable trust-boundary violation. The Map originates from the attacker-controlled HTTP request body, but Karate recursively treats its string values as possible embedded expressions.
processEmbeddedExpressions() recursively walks nested maps/lists and sends string values to processEmbeddedString():
// StepExecutor.java
} else if (value instanceof String str) {
return processEmbeddedString(str, lenient);
}
processEmbeddedString() treats strings of the form #(...) as embedded expressions and evaluates them:
// StepExecutor.java
if (str.startsWith("#(") && str.endsWith(")")) {
String expr = str.substring(2, str.length() - 1);
try {
return runtime.eval(expr);
Because the Karate runtime supports Java interop through Java.type(...), attacker-controlled request data can reach Java class loading and command execution.
The same issue applies to other request-derived bindings, such as requestHeaders and requestParams, when a Mock Server feature assigns them or otherwise passes them through Karate expression evaluation.
The important point is that the attacker does not need to control the feature file. The feature author only needs to assign request-derived data such as request, requestHeaders, or requestParams; the framework then automatically performs embedded-expression evaluation on attacker-controlled data.
PoC
A minimal vulnerable Mock Server feature is:
Feature: demo
Background:
* def responseHeaders = { 'Content-Type': 'application/json' }
Scenario: pathMatches('/api/echo')
* def body = request
* def response = { ok: true }
Start the Mock Server with the vulnerable feature:
java -cp "<karate-core-and-runtime-classpath>" io.karatelabs.Main mock -p 18080 -m vuln.feature
http body is here:
POST /api/echo HTTP/1.1
Host: localhost:18080
Content-Type: application/json
Content-Length: 87
{"poc": "#(Java.type('java.lang.Runtime').getRuntime().exec('sh -c id>/tmp/success'))"}
Additional verified vectors:
- Body vector: triggered when the feature assigns
request. - Header vector: triggered when the feature assigns
requestHeaders. - Query parameter vector: triggered when the feature assigns
requestParams.
These vectors demonstrate that the issue is not limited to a single HTTP input location. It affects request-derived data that is later passed through embedded expression processing.
Impact
An unauthenticated remote attacker can execute arbitrary operating-system commands on a server running an affected Karate Mock Server scenario.
The impact depends on whether the Mock Server is reachable by untrusted users and whether the feature file assigns request-derived data such as request, requestHeaders, or requestParams. In that configuration, the attacker does not need credentials, user interaction, or control over the feature file.
This can result in full compromise of the Mock Server process, including confidentiality, integrity, and availability impact for files, environment variables, network access, and credentials available to that process.
Tested versions
Confirmed on:
io.karatelabs:karate-corev2.0.10- main branch commit
dff68200d, project version2.0.11.RC1
The same vulnerable code path appears to exist in v2.0.1 through v2.0.9.
I am not claiming v1.x as affected without independent verification.
Suggested remediation
Karate should not automatically process embedded expressions inside data that originated from HTTP requests.
Possible fixes include:
- Preserve a trust boundary for request-derived values such as
request,requestHeaders, andrequestParams, and skipprocessEmbeddedExpressionsfor those values. - Add a Mock Server safe mode that disables or restricts
Java.type()/ Java interop while processing request data. - Require an explicit opt-in step for evaluating embedded expressions inside request-derived data.
- Add regression tests for body, header, and query parameter injection where
#(Java.type(...))must remain inert data instead of being evaluated.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.0.10"
},
"package": {
"ecosystem": "Maven",
"name": "io.karatelabs:karate-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.1"
},
{
"fixed": "2.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-18T13:06:46Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\n\nKarate Mock Server can execute embedded expressions found in attacker-controlled HTTP request data when a Mock Server feature assigns request-derived values such as `request`, `requestHeaders`, or `requestParams` to variables.\n\nIn affected scenarios, an unauthenticated remote attacker can place a Karate embedded expression such as `#(Java.type(...))` in the HTTP body, headers, or query parameters. The Mock Server then recursively processes that untrusted data as embedded expressions and evaluates it server-side, which can lead to arbitrary command execution under the privileges of the Karate Mock Server process.\n\nThis issue does not require the attacker to control the feature file. The vulnerable precondition is that the Mock Server feature uses request-derived data in a way that passes through Karate expression evaluation, for example:\n\n```karate\n* def body = request\n* def hdrs = requestHeaders\n* def params = requestParams\n```\n\n### Details\n\nThe issue is caused by a missing trust boundary between HTTP request-derived data and Karate feature-authored embedded expressions.\n\nIn `MockHandler`, the current HTTP request is stored and request-derived values are exposed to the Karate runtime. For example, the request body is made available through the `request` binding:\n\n```java\n// MockHandler.java\nthis.currentRequest = request;\nrequest.processBody();\n\nengine.put(\"request\", (JsLazy) () -\u003e\n currentRequest != null ? currentRequest.getBodyConverted() : null);\n```\n\n`HttpRequest.getBodyConverted()` converts attacker-controlled JSON request bodies into Java objects such as `Map\u003cString, Object\u003e`:\n\n```java\n// HttpRequest.java\npublic Object getBodyConverted() {\n ResourceType rt = getResourceType();\n if (rt != null \u0026\u0026 rt.isBinary()) { return body; }\n return HttpUtils.fromBytes(body, false, rt);\n}\n```\n\nWhen a Mock Server feature contains a step such as:\n\n```karate\n* def body = request\n```\n\nthe expression `request` is evaluated by `StepExecutor.executeDef()` through `evalKarateExpression()`:\n\n```java\n// StepExecutor.java\nObject value = evalKarateExpression(expr);\nruntime.setVariable(name, value);\n```\n\nInside `evalKarateExpression()`, the evaluated value is processed as embedded-expression content if it is a `Map` or `List`:\n\n```java\n// StepExecutor.java\nObject value = runtime.eval(wrapJsonLikeExpression(expr));\nif (value instanceof Map || value instanceof List) {\n value = processEmbeddedExpressions(value, true);\n}\n```\n\nThis is the vulnerable trust-boundary violation. The `Map` originates from the attacker-controlled HTTP request body, but Karate recursively treats its string values as possible embedded expressions.\n\n`processEmbeddedExpressions()` recursively walks nested maps/lists and sends string values to `processEmbeddedString()`:\n\n```java\n// StepExecutor.java\n} else if (value instanceof String str) {\n return processEmbeddedString(str, lenient);\n}\n```\n\n`processEmbeddedString()` treats strings of the form `#(...)` as embedded expressions and evaluates them:\n\n```java\n// StepExecutor.java\nif (str.startsWith(\"#(\") \u0026\u0026 str.endsWith(\")\")) {\n String expr = str.substring(2, str.length() - 1);\n try {\n return runtime.eval(expr);\n```\n\nBecause the Karate runtime supports Java interop through `Java.type(...)`, attacker-controlled request data can reach Java class loading and command execution.\n\nThe same issue applies to other request-derived bindings, such as `requestHeaders` and `requestParams`, when a Mock Server feature assigns them or otherwise passes them through Karate expression evaluation.\n\nThe important point is that the attacker does not need to control the feature file. The feature author only needs to assign request-derived data such as `request`, `requestHeaders`, or `requestParams`; the framework then automatically performs embedded-expression evaluation on attacker-controlled data.\n\n\n### PoC\n\nA minimal vulnerable Mock Server feature is:\n\n```karate\nFeature: demo\n\nBackground:\n* def responseHeaders = { \u0027Content-Type\u0027: \u0027application/json\u0027 }\n\nScenario: pathMatches(\u0027/api/echo\u0027)\n* def body = request\n* def response = { ok: true }\n```\n\nStart the Mock Server with the vulnerable feature:\n\n```bash\njava -cp \"\u003ckarate-core-and-runtime-classpath\u003e\" io.karatelabs.Main mock -p 18080 -m vuln.feature\n```\nhttp body is here:\n```http\nPOST /api/echo HTTP/1.1\nHost: localhost:18080\nContent-Type: application/json\nContent-Length: 87\n\n{\"poc\": \"#(Java.type(\u0027java.lang.Runtime\u0027).getRuntime().exec(\u0027sh -c id\u003e/tmp/success\u0027))\"}\n```\n\u003cimg width=\"1051\" height=\"558\" alt=\"image\" src=\"https://github.com/user-attachments/assets/f12c4631-dd22-439c-a8df-c7243726c0c4\" /\u003e\n\n\nAdditional verified vectors:\n\n1. Body vector: triggered when the feature assigns `request`.\n2. Header vector: triggered when the feature assigns `requestHeaders`.\n3. Query parameter vector: triggered when the feature assigns `requestParams`.\n\nThese vectors demonstrate that the issue is not limited to a single HTTP input location. It affects request-derived data that is later passed through embedded expression processing.\n\n### Impact\n\nAn unauthenticated remote attacker can execute arbitrary operating-system commands on a server running an affected Karate Mock Server scenario.\n\nThe impact depends on whether the Mock Server is reachable by untrusted users and whether the feature file assigns request-derived data such as `request`, `requestHeaders`, or `requestParams`. In that configuration, the attacker does not need credentials, user interaction, or control over the feature file.\n\nThis can result in full compromise of the Mock Server process, including confidentiality, integrity, and availability impact for files, environment variables, network access, and credentials available to that process.\n\n### Tested versions\n\nConfirmed on:\n\n* `io.karatelabs:karate-core` v2.0.10\n* main branch commit `dff68200d`, project version `2.0.11.RC1`\n\nThe same vulnerable code path appears to exist in v2.0.1 through v2.0.9.\n\nI am not claiming v1.x as affected without independent verification.\n\n### Suggested remediation\n\nKarate should not automatically process embedded expressions inside data that originated from HTTP requests.\n\nPossible fixes include:\n\n1. Preserve a trust boundary for request-derived values such as `request`, `requestHeaders`, and `requestParams`, and skip `processEmbeddedExpressions` for those values.\n2. Add a Mock Server safe mode that disables or restricts `Java.type()` / Java interop while processing request data.\n3. Require an explicit opt-in step for evaluating embedded expressions inside request-derived data.\n4. Add regression tests for body, header, and query parameter injection where `#(Java.type(...))` must remain inert data instead of being evaluated.",
"id": "GHSA-2c85-rfcc-g74j",
"modified": "2026-06-18T13:06:46Z",
"published": "2026-06-18T13:06:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/karatelabs/karate/security/advisories/GHSA-2c85-rfcc-g74j"
},
{
"type": "PACKAGE",
"url": "https://github.com/karatelabs/karate"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear",
"type": "CVSS_V4"
}
],
"summary": "Karate Mock Server RCE via embedded expression evaluation of request-derived data"
}
GHSA-2G5C-228J-P52X
Vulnerability from github – Published: 2022-09-16 17:21 – Updated: 2022-09-16 17:21Impact
The tags document Main.Tags in XWiki didn't sanitize user inputs properly, allowing users with view rights on the document (default in a public wiki or for authenticated users on private wikis) to execute arbitrary Groovy, Python and Velocity code with programming rights. This allows bypassing all rights checks and thus both modification and disclosure of all content stored in the XWiki installation. Also, this could be used to impact the availability of the wiki. Some versions of XWiki XML-escaped the tag (e.g., version 3.1) but this isn't a serious limitation as string literals can be delimited by / in Groovy and < and > aren't necessary, e.g., to elevate privileges of the current user.
On XWiki versions before 13.10.4 and 14.2, this can be combined with the authentication bypass using the login action, meaning that no rights are required to perform the attack. The following URL demonstrates the attack: <server>/xwiki/bin/login/Main/Tags?xpage=view&do=viewTag&tag=%7B%7Basync+async%3D%22true%22+cached%3D%22false%22+context%3D%22doc.reference%22%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22hello+from+groovy%21%22%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D, where <server> is the URL of the XWiki installations.
On current versions (e.g, 14.3), the issue can be exploited by requesting the URL <server>/xwiki/bin/view/Main/Tags?do=viewTag&tag=%7B%7Basync%20async%3D%22true%22%20cached%3D%22false%22%20context%3D%22doc.reference%22%7D%7D%7B%7Bgroovy%7D%7Dprintln(%22hello%20from%20groovy!%22)%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D, where <server> is the URL of the server. On XWiki 2.0 (that contains version 1.7 of the tag application), the URL <server>/xwiki/bin/view/Main/Tags?do=viewTag&tag={{/html}}{{groovy}}println(%2Fhello from groovy!%2F){{%2Fgroovy}} demonstrates the exploit while on XWiki 3.1 the following URL demonstrates the exploit: <server>/xwiki/bin/view/Main/Tags?do=viewTag&tag={{/html}}{{footnote}}{{groovy}}println(%2Fhello%20from%20groovy!%2F){{%2Fgroovy}}{{/footnote}}.
Patches
This has been patched in the supported versions 13.10.6 and 14.4.
Workarounds
The patch that fixes the issue can be manually applied to the document Main.Tags or the updated version of that document can be imported from version 14.4 of xwiki-platform-tag-ui using the import feature in the administration UI on XWiki 10.9 and later (earlier versions might not be compatible with the current version of the document).
References
- https://github.com/xwiki/xwiki-platform/commit/604868033ebd191cf2d1e94db336f0c4d9096427
- https://jira.xwiki.org/browse/XWIKI-19747
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira XWiki.org * Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-tag-ui"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "13.10.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform.applications:xwiki-application-tag"
},
"ranges": [
{
"events": [
{
"introduced": "1.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-tag-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.0"
},
{
"fixed": "14.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-36100"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-16T17:21:25Z",
"nvd_published_at": "2022-09-08T21:15:00Z",
"severity": "CRITICAL"
},
"details": "### Impact\nThe tags document `Main.Tags` in XWiki didn\u0027t sanitize user inputs properly, allowing users with view rights on the document (default in a public wiki or for authenticated users on private wikis) to execute arbitrary Groovy, Python and Velocity code with programming rights. This allows bypassing all rights checks and thus both modification and disclosure of all content stored in the XWiki installation. Also, this could be used to impact the availability of the wiki. Some versions of XWiki XML-escaped the tag (e.g., version 3.1) but this isn\u0027t a serious limitation as string literals can be delimited by `/` in Groovy and `\u003c` and `\u003e` aren\u0027t necessary, e.g., to elevate privileges of the current user.\n\nOn XWiki versions before 13.10.4 and 14.2, this can be combined with the [authentication bypass using the login action](https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8h89-34w2-jpfm), meaning that no rights are required to perform the attack. The following URL demonstrates the attack: `\u003cserver\u003e/xwiki/bin/login/Main/Tags?xpage=view\u0026do=viewTag\u0026tag=%7B%7Basync+async%3D%22true%22+cached%3D%22false%22+context%3D%22doc.reference%22%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22hello+from+groovy%21%22%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D`, where `\u003cserver\u003e` is the URL of the XWiki installations.\n\nOn current versions (e.g, 14.3), the issue can be exploited by requesting the URL `\u003cserver\u003e/xwiki/bin/view/Main/Tags?do=viewTag\u0026tag=%7B%7Basync%20async%3D%22true%22%20cached%3D%22false%22%20context%3D%22doc.reference%22%7D%7D%7B%7Bgroovy%7D%7Dprintln(%22hello%20from%20groovy!%22)%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D`, where `\u003cserver\u003e` is the URL of the server. On XWiki 2.0 (that contains version 1.7 of the tag application), the URL `\u003cserver\u003e/xwiki/bin/view/Main/Tags?do=viewTag\u0026tag={{/html}}{{groovy}}println(%2Fhello from groovy!%2F){{%2Fgroovy}}` demonstrates the exploit while on XWiki 3.1 the following URL demonstrates the exploit: `\u003cserver\u003e/xwiki/bin/view/Main/Tags?do=viewTag\u0026tag={{/html}}{{footnote}}{{groovy}}println(%2Fhello%20from%20groovy!%2F){{%2Fgroovy}}{{/footnote}}`.\n\n### Patches\nThis has been patched in the supported versions 13.10.6 and 14.4.\n\n### Workarounds\nThe [patch that fixes the issue](https://github.com/xwiki/xwiki-platform/commit/604868033ebd191cf2d1e94db336f0c4d9096427) can be manually applied to the document `Main.Tags` or the updated version of that document can be imported from [version 14.4 of xwiki-platform-tag-ui](https://nexus.xwiki.org/nexus/content/groups/public/org/xwiki/platform/xwiki-platform-tag-ui/14.4/xwiki-platform-tag-ui-14.4.xar) using [the import feature in the administration UI](https://extensions.xwiki.org/xwiki/bin/view/Extension/Administration%20Application#HImport) on XWiki 10.9 and later (earlier versions might not be compatible with the current version of the document).\n\n### References\n* https://github.com/xwiki/xwiki-platform/commit/604868033ebd191cf2d1e94db336f0c4d9096427\n* https://jira.xwiki.org/browse/XWIKI-19747\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-2g5c-228j-p52x",
"modified": "2022-09-16T17:21:25Z",
"published": "2022-09-16T17:21:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2g5c-228j-p52x"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36100"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/604868033ebd191cf2d1e94db336f0c4d9096427"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-19747"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection"
}
GHSA-2QM6-VPRH-VGFC
Vulnerability from github – Published: 2025-12-27 15:30 – Updated: 2025-12-27 15:30Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.
{
"affected": [],
"aliases": [
"CVE-2025-54322"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-27T14:15:49Z",
"severity": "CRITICAL"
},
"details": "Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.",
"id": "GHSA-2qm6-vprh-vgfc",
"modified": "2025-12-27T15:30:17Z",
"published": "2025-12-27T15:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54322"
},
{
"type": "WEB",
"url": "https://pwn.ai/blog/cve-2025-54322-zeroday-unauthenticated-root-rce-affecting-70-000-hosts"
},
{
"type": "WEB",
"url": "https://www.xspeeder.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2QPC-RPXQ-PHV6
Vulnerability from github – Published: 2026-03-24 00:30 – Updated: 2026-03-24 00:30The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval() in the process_custom_formula() function within includes/process/price.php. This is due to insufficient sanitization and validation of user-submitted field values before passing them to PHP's eval() function. The sanitize_values() method strips HTML tags but does not escape single quotes or prevent PHP code injection. This makes it possible for unauthenticated attackers to execute arbitrary code on the server by submitting a crafted value to a WCPA text field configured with custom pricing formula (pricingType: "custom" with {this.value}).
{
"affected": [],
"aliases": [
"CVE-2026-4001"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-24T00:16:31Z",
"severity": "CRITICAL"
},
"details": "The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval() in the process_custom_formula() function within includes/process/price.php. This is due to insufficient sanitization and validation of user-submitted field values before passing them to PHP\u0027s eval() function. The sanitize_values() method strips HTML tags but does not escape single quotes or prevent PHP code injection. This makes it possible for unauthenticated attackers to execute arbitrary code on the server by submitting a crafted value to a WCPA text field configured with custom pricing formula (pricingType: \"custom\" with {this.value}).",
"id": "GHSA-2qpc-rpxq-phv6",
"modified": "2026-03-24T00:30:26Z",
"published": "2026-03-24T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4001"
},
{
"type": "WEB",
"url": "https://acowebs.com/woo-custom-product-addons"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70a2b6ff-defc-4722-9af9-3cae94e98632?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2V76-28WF-QM87
Vulnerability from github – Published: 2025-12-12 21:31 – Updated: 2025-12-15 15:30An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
{
"affected": [],
"aliases": [
"CVE-2025-43466"
],
"database_specific": {
"cwe_ids": [
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-12T21:15:54Z",
"severity": "MODERATE"
},
"details": "An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.",
"id": "GHSA-2v76-28wf-qm87",
"modified": "2025-12-15T15:30:30Z",
"published": "2025-12-12T21:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43466"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125634"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-34FJ-R5GQ-7395
Vulnerability from github – Published: 2024-04-10 17:11 – Updated: 2024-04-10 22:00Impact
Any user with edit right on any page can execute any code on the server by adding an object of type XWiki.SearchSuggestSourceClass to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation.
To reproduce on an instance, as a user without script nor programming rights, add an object of type XWiki.SearchSuggestSourceClass to your profile page. On this object, set every possible property to }}}{{async}}{{groovy}}println("Hello from Groovy!"){{/groovy}}{{/async}} (i.e., name, engine, service, query, limit and icon). Save and display the page, then append ?sheet=XWiki.SearchSuggestSourceSheet to the URL. If any property displays as Hello from Groovy!}}}, then the instance is vulnerable.
Patches
This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1.
Workarounds
This patch can be manually applied to the document XWiki.SearchSuggestSourceSheet.
References
- https://jira.xwiki.org/browse/XWIKI-21474
- https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-search-ui"
},
"ranges": [
{
"events": [
{
"introduced": "5.2-milestone-2"
},
{
"fixed": "14.10.20"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-search-ui"
},
"ranges": [
{
"events": [
{
"introduced": "15.0-rc-1"
},
{
"fixed": "15.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-search-ui"
},
"ranges": [
{
"events": [
{
"introduced": "15.6-rc-1"
},
{
"fixed": "15.10-rc-1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-31465"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-10T17:11:32Z",
"nvd_published_at": "2024-04-10T20:15:07Z",
"severity": "CRITICAL"
},
"details": "### Impact\nAny user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation.\n\nTo reproduce on an instance, as a user without script nor programming rights, add an object of type `XWiki.SearchSuggestSourceClass` to your profile page. On this object, set every possible property to `}}}{{async}}{{groovy}}println(\"Hello from Groovy!\"){{/groovy}}{{/async}}` (i.e., name, engine, service, query, limit and icon). Save and display the page, then append `?sheet=XWiki.SearchSuggestSourceSheet` to the URL. If any property displays as `Hello from Groovy!}}}`, then the instance is vulnerable.\n\n### Patches\nThis vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1.\n\n### Workarounds\n[This patch](https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5) can be manually applied to the document `XWiki.SearchSuggestSourceSheet`.\n\n### References\n* https://jira.xwiki.org/browse/XWIKI-21474\n* https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809\n",
"id": "GHSA-34fj-r5gq-7395",
"modified": "2024-04-10T22:00:40Z",
"published": "2024-04-10T17:11:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31465"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-21474"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet"
}
GHSA-37M4-HQXV-W26G
Vulnerability from github – Published: 2024-04-10 17:14 – Updated: 2024-04-10 22:01Impact
By creating a document with a special crafted documented reference and an XWiki.SchedulerJobClass XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki.
To reproduce on an XWiki installation, click on this link to create a new document : <xwiki-host>/xwiki/bin/view/%22%3E%5D%5D%7B%7B%2Fhtml%7D%7D%7B%7Basync%20context%3D%22request/parameters%22%7D%7D%7B%7Bvelocity%7D%7D%23evaluate%28%24request/eval%29/.
Then, add to this document an object of type XWiki.SchedulerJobClass.
Finally, as an admin, go to <xwiki-host>/xwiki/bin/view/Scheduler/?eval=$services.logging.getLogger(%22attacker%22).error(%22Hello%20from%20URL%20Parameter!%20I%20got%20programming:%20$services.security.authorization.hasAccess(%27programming%27)%22).
If the logs contain ERROR attacker - Hello from URL Parameter! I got programming: true, the installation is vulnerable.
Patches
The vulnerability has been fixed on XWiki 14.10.19, 15.5.5, and 15.9.
Workarounds
Modify the Scheduler.WebHome page following this patch.
References
- https://jira.xwiki.org/browse/XWIKI-21416
- https://github.com/xwiki/xwiki-platform/commit/f16ca4ef1513f84ce2e685d4a05d689bd3a2ab4c
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-scheduler-ui"
},
"ranges": [
{
"events": [
{
"introduced": "3.1"
},
{
"fixed": "14.10.19"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-scheduler-ui"
},
"ranges": [
{
"events": [
{
"introduced": "15.0-rc-1"
},
{
"fixed": "15.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-scheduler-ui"
},
"ranges": [
{
"events": [
{
"introduced": "15.6-rc-1"
},
{
"fixed": "15.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-31986"
],
"database_specific": {
"cwe_ids": [
"CWE-352",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-10T17:14:35Z",
"nvd_published_at": "2024-04-10T21:15:06Z",
"severity": "CRITICAL"
},
"details": "### Impact\nBy creating a document with a special crafted documented reference and an `XWiki.SchedulerJobClass` XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki.\n\nTo reproduce on an XWiki installation, click on this link to create a new document : `\u003cxwiki-host\u003e/xwiki/bin/view/%22%3E%5D%5D%7B%7B%2Fhtml%7D%7D%7B%7Basync%20context%3D%22request/parameters%22%7D%7D%7B%7Bvelocity%7D%7D%23evaluate%28%24request/eval%29/`.\nThen, add to this document an object of type `XWiki.SchedulerJobClass`.\nFinally, as an admin, go to `\u003cxwiki-host\u003e/xwiki/bin/view/Scheduler/?eval=$services.logging.getLogger(%22attacker%22).error(%22Hello%20from%20URL%20Parameter!%20I%20got%20programming:%20$services.security.authorization.hasAccess(%27programming%27)%22)`.\nIf the logs contain `ERROR attacker - Hello from URL Parameter! I got programming: true`, the installation is vulnerable.\n\n### Patches\nThe vulnerability has been fixed on XWiki 14.10.19, 15.5.5, and 15.9.\n\n### Workarounds\nModify the Scheduler.WebHome page following this [patch](https://github.com/xwiki/xwiki-platform/commit/f16ca4ef1513f84ce2e685d4a05d689bd3a2ab4c#diff-1e2995eacccbbbdcc4987ff64f46ac74837d166cf9e92920b4a4f8af0f10bd47).\n\n### References\n- https://jira.xwiki.org/browse/XWIKI-21416\n- https://github.com/xwiki/xwiki-platform/commit/f16ca4ef1513f84ce2e685d4a05d689bd3a2ab4c\n",
"id": "GHSA-37m4-hqxv-w26g",
"modified": "2024-04-10T22:01:32Z",
"published": "2024-04-10T17:14:35Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-37m4-hqxv-w26g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31986"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/efd3570f3e5e944ec0ad0899bf799bf9563aef87"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/f30d9c641750a3f034b5910c6a3a7724ae8f2269"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-21416"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "XWiki Platform CSRF remote code execution through scheduler job\u0027s document reference"
}
GHSA-3989-4C6X-725F
Vulnerability from github – Published: 2023-04-20 22:00 – Updated: 2023-04-20 22:00Impact
Any user with view rights on XWiki.AttachmentSelector can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping in the "Cancel and return to page" button. This page is installed by default.
See https://jira.xwiki.org/browse/XWIKI-20275 for the reproduction steps.
Patches
The vulnerability has been patched in XWiki 15.0-rc-1, 14.10.1, 14.4.8, and 13.10.11.
Workarounds
The issue can be fixed by applying this patch on XWiki.AttachmentSelector.
References
- https://github.com/xwiki/xwiki-platform/commit/aca1d677c58563bbe6e35c9e1c29fd8b12ebb996
- https://jira.xwiki.org/browse/XWIKI-20275
For more information
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-attachment-ui"
},
"ranges": [
{
"events": [
{
"introduced": "2.0-rc-2"
},
{
"fixed": "13.10.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-attachment-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.4.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-attachment-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.10.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29516"
],
"database_specific": {
"cwe_ids": [
"CWE-74",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-20T22:00:14Z",
"nvd_published_at": "2023-04-19T00:15:08Z",
"severity": "CRITICAL"
},
"details": "### Impact\nAny user with view rights on `XWiki.AttachmentSelector` can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping in the \"Cancel and return to page\" button. This page is installed by default.\n\nSee https://jira.xwiki.org/browse/XWIKI-20275 for the reproduction steps.\n\n### Patches\nThe vulnerability has been patched in XWiki 15.0-rc-1, 14.10.1, 14.4.8, and 13.10.11.\n\n### Workarounds\nThe issue can be fixed by applying this [patch](https://github.com/xwiki/xwiki-platform/commit/aca1d677c58563bbe6e35c9e1c29fd8b12ebb996) on `XWiki.AttachmentSelector`.\n\n### References\n- https://github.com/xwiki/xwiki-platform/commit/aca1d677c58563bbe6e35c9e1c29fd8b12ebb996\n- https://jira.xwiki.org/browse/XWIKI-20275\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-3989-4c6x-725f",
"modified": "2023-04-20T22:00:14Z",
"published": "2023-04-20T22:00:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-3989-4c6x-725f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29516"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/aca1d677c58563bbe6e35c9e1c29fd8b12ebb996"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-20275"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "XWiki Platform vulnerable to privilege escalation from view right on XWiki.AttachmentSelector"
}
GHSA-3C85-MX4X-435C
Vulnerability from github – Published: 2023-12-25 00:30 – Updated: 2025-10-22 00:32Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.
{
"affected": [],
"aliases": [
"CVE-2023-7101"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-24T22:15:07Z",
"severity": "HIGH"
},
"details": "Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type \u201ceval\u201d. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.",
"id": "GHSA-3c85-mx4x-435c",
"modified": "2025-10-22T00:32:58Z",
"published": "2023-12-25T00:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7101"
},
{
"type": "WEB",
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171"
},
{
"type": "WEB",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md"
},
{
"type": "WEB",
"url": "https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc"
},
{
"type": "WEB",
"url": "https://https://github.com/jmcnamara/spreadsheet-parseexcel/commit/bd3159277e745468e2c553417b35d5d7dc7405bc"
},
{
"type": "WEB",
"url": "https://https://metacpan.org/dist/Spreadsheet-ParseExcel"
},
{
"type": "WEB",
"url": "https://https://www.cve.org/CVERecord?id=CVE-2023-7101"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00025.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFEHKULQRVXHIV7XXK2RGD4VQN6Y4CV5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2FIWDHRYTAAQLGM6AFOZVM7AFZ4H2ZR"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/2024/02/10/vulnerable-spreadsheet-parsing-modules.html"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-7101"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3F63-HFP8-52JQ
Vulnerability from github – Published: 2024-01-19 21:30 – Updated: 2024-11-18 16:26Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Pillow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-50447"
],
"database_specific": {
"cwe_ids": [
"CWE-94",
"CWE-95"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-22T21:28:18Z",
"nvd_published_at": "2024-01-19T20:15:11Z",
"severity": "CRITICAL"
},
"details": "Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).",
"id": "GHSA-3f63-hfp8-52jq",
"modified": "2024-11-18T16:26:35Z",
"published": "2024-01-19T21:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50447"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/commit/45c726fd4daa63236a8f3653530f297dc87b160a"
},
{
"type": "WEB",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2023-50447"
},
{
"type": "WEB",
"url": "https://duartecsantos.github.io/2023-01-02-CVE-2023-50447"
},
{
"type": "WEB",
"url": "https://duartecsantos.github.io/2024-01-02-CVE-2023-50447"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-pillow/Pillow"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/releases"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00019.html"
},
{
"type": "WEB",
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/10.2.0.html#security"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/01/20/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Arbitrary Code Execution in Pillow"
}
Mitigation
Strategy: Refactoring
If possible, refactor your code so that it does not need to use eval() at all.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation
- Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180, CWE-181). Make sure that your application does not inadvertently decode the same input twice (CWE-174). Such errors could be used to bypass allowlist schemes by introducing dangerous inputs after they have been checked. Use libraries such as the OWASP ESAPI Canonicalization control.
- Consider performing repeated canonicalization until your input does not change any more. This will avoid double-decoding and similar scenarios, but it might inadvertently modify inputs that are allowed to contain properly-encoded dangerous content.
Mitigation
For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.