| Field | Value |
|---|---|
| Title | docarray 0.40.1 Improperly Controlled Modification of Object Prototype Attribute |
| Description | Docarray MultiModalDataset insecurely implemented the component for preprocessing functions. In its __getitem__ method, the dotted object path passed in is not given any sanitization to prevent internal class object access and operation. When the multimodal dataset operation is deployed through a web API, such as the officially recommended FastAPI, bad actors are able to access, e.g. via double-underscore attributes .__class__.__base__..., and overwrite the internal Python runtime class objects, which at least leads to a DoS attack. However, when combined with other backend code enriching the Python runtime state, other attacks such as RCE and XSS are still promising, as our previous finding proves (see related materials). |
| Source | https://gist.github.com/superboy-zjc/56502343bcb12eb653081b426debf2c8 |
| User | Gavin Zhong (UID 84092) |
| Submission | 2025-05-09 19:19 (11 months ago) |
| Moderation | 2025-05-24 19:36 (15 days later) |
| Status | Accepted |
| VulDB Entry | 310238 [docarray up to 0.40.1 Web API torch_dataset.py __getitem__ privilege escalation] |
| Points | 20 |
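The description above boils down to one pattern: a field path such as `image.url` is split on dots and walked with plain `getattr`, so a caller who controls the path can walk into `__class__.__base__` and, because the preprocessing step writes the transformed value back with `setattr`, modify class objects shared by every instance. The following is an added illustration, not docarray's own `torch_dataset.py` code and not code from the submitter's gist; the `Image`/`Pair` dataclasses and the `walk_unsafe`, `apply_unsafe`, `walk_safe` and `demo` names are assumptions made for this example. It shows the unsafe walker, a class-level side effect from a per-document call, and a hardened walker that only follows declared public fields.

```python
# Added example (not docarray's code): a dotted-path attribute walker as the
# description refers to, in an unsafe and a hardened form. All names here are
# assumptions for this illustration.
from dataclasses import dataclass, field
from typing import Any, Callable


@dataclass
class Image:
    url: str = ""
    tensor: Any = None


@dataclass
class Pair:
    text: str = ""
    image: Image = field(default_factory=Image)


def walk_unsafe(root: Any, path: str) -> Any:
    """Resolve 'a.b.c' by plain getattr; nothing stops '__class__.__base__'."""
    ref = root
    for attr in path.split("."):
        ref = getattr(ref, attr)
    return ref


def apply_unsafe(root: Any, path: str, fn: Callable[[Any], Any]) -> Any:
    """Preprocess-style update: read the leaf, transform it, write it back.

    Because the parent is reached by getattr, the write can land on a class
    object shared by every instance instead of on this one document. Pointing
    the same call at '__class__.__init__' would break every later Pair() call,
    which is the DoS the description mentions.
    """
    *parents, leaf = path.split(".")
    ref = root
    for attr in parents:
        ref = getattr(ref, attr)
    setattr(ref, leaf, fn(getattr(ref, leaf)))
    return root


def walk_safe(root: Any, path: str) -> Any:
    """Same traversal, restricted to declared dataclass fields.

    Every segment must be a public name (no leading underscore) that exists
    in the current object's field table, so dunder escapes and arbitrary
    attributes are rejected before getattr runs.
    """
    ref = root
    for attr in path.split("."):
        if not attr or attr.startswith("_"):
            raise ValueError(f"refusing private/dunder segment {attr!r} in {path!r}")
        declared = getattr(type(ref), "__dataclass_fields__", {})
        if attr not in declared:
            raise ValueError(f"{attr!r} is not a declared field of {type(ref).__name__}")
        ref = getattr(ref, attr)
    return ref


def demo() -> dict:
    """Run the cases on a constructed document and return what each produced."""
    doc = Pair(text="hi", image=Image(url="http://example.invalid/a.png"))
    results = {
        "benign_leaf": walk_unsafe(doc, "image.url"),
        "escape_hits_object": walk_unsafe(doc, "__class__.__base__") is object,
    }
    # A per-document "preprocessing" call that rewrites class state instead.
    apply_unsafe(doc, "__class__.__doc__", lambda _old: "tampered")
    results["class_doc_after"] = Pair.__doc__
    try:
        walk_safe(doc, "__class__.__base__")
        results["safe_rejected"] = False
    except ValueError:
        results["safe_rejected"] = True
    results["safe_benign_leaf"] = walk_safe(doc, "image.url")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The hardened walker uses the dataclass field table as its allow-list; for a pydantic-style document model the equivalent check would consult the model's declared fields instead. Rejecting leading underscores alone is not enough, since a non-dunder attribute that is not a data field (a method, a class attribute) is still reachable by `getattr`, which is why the field-table check is the one that matters.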