Invia #814456: USCiLab cereal 1.3.2 CWE-1287, CWE-843 (Type Confusion)informazioni

TitoloUSCiLab cereal 1.3.2 CWE-1287, CWE-843 (Type Confusion)
DescrizioneAn issue was discovered in Cereal v1.3.2 and below. Insecure deserialization of shared pointers under certain conditions may lead to type confusion, resulting in potential information disclosure, control flow hijacking, and arbitrary code execution. --- Recommended CVSS: - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N - Justification: - AV:N - In the worst case, the library parses untrusted data sent over the network. - AC:L - Binary exploitation techniques are well-known. Security-enhancing conditions such as ASLR and PIE could be bypassed. - AT:P - CVSS guidelines do not provide examples and context assessing this for software frameworks. I have decided to give this Present instead of None, because the affected library is used in vastly different manners. Not all applications using the library are vulnerable, because it is dependent on the prerequisite of deserialising untrusted input under specific conditions. - PR:N - In a reasonable worst case, no privileges are required to exploit. - UI:N - In a reasonable worst case, no user interaction is necessary to exploit. - VC:H - Potential impact encapsulates RCE - VI:H - Potential impact encapsulates RCE - VA:H - Potential impact encapsulates RCE - SC:N - No scope change - SI:N - No scope change - SA:N - No scope change --- Note to moderator: The maintainer was notified on Aug. 23, 2025 and a disclosure deadline was set for 90 days. The maintainer was unreachable after multiple follow-up attempts. No patch is currently available and the disclosure deadline has expired. Let me know if you require screenshots/evidence of the CVD email chain (I am unable to upload private documents). CVD: https://gist.github.com/TrebledJ/0223c1fa3c3fd64e2c7047b8a4385ec0 Vendor: https://github.com/USCiLab Product: https://github.com/USCiLab/cereal
Fonte⚠️ https://gist.github.com/TrebledJ/0223c1fa3c3fd64e2c7047b8a4385ec0
Utente
 trebledj (UID 94356)
Sottomissione27/04/2026 22:18 (3 mesi fa)
Moderazione07/06/2026 09:45 (1 month later)
StatoAccettato
Voce VulDB369083 [USCiLab Cereal fino a 1.3.2 Shared Pointer escalationi di privilegi]
Punti20

Do you want to use VulDB in your project?

Use the official API to access entries easily!