Отправить #814457: fraillt bitsery 5.2.4 CWE-1287, CWE-843 (Type Confusion)Информация

Название	fraillt bitsery 5.2.4 CWE-1287, CWE-843 (Type Confusion)
Описание	An issue was discovered in Bitsery v5.2.4 and below. Insecure deserialization of pointers under certain conditions may lead to type confusion, resulting in potential information disclosure, control flow hijacking, and arbitrary code execution. --- Recommended CVSS: - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N - Justification: - AV:N - In the worst case, the library parses untrusted data sent over the network. - AC:L - Binary exploitation techniques are well-known. Security-enhancing conditions such as ASLR and PIE could be bypassed. - AT:P - CVSS guidelines do not provide examples and context assessing this for software frameworks. I have decided to give this Present instead of None, because the affected library is used in vastly different manners. Not all applications using the library are vulnerable, because it is dependent on the prerequisite of deserialising untrusted input under specific conditions. - PR:N - In a reasonable worst case, no privileges are required to exploit. - UI:N - In a reasonable worst case, no user interaction is necessary to exploit. - VC:H - Potential impact encapsulates RCE - VI:H - Potential impact encapsulates RCE - VA:H - Potential impact encapsulates RCE - SC:N - No scope change - SI:N - No scope change - SA:N - No scope change --- Note to moderator: The maintainer was notified on Aug. 30, 2025 and promptly responded. The vulnerability was fixed in Bitsery v5.2.5. CVD: https://gist.github.com/TrebledJ/750abc64a826f19dd2d6774724629b71 Changelog: https://github.com/fraillt/bitsery/blob/master/CHANGELOG.md#525-2025-10-09 Vendor: https://github.com/fraillt Product: https://github.com/fraillt/bitsery
Источник	⚠️ https://gist.github.com/TrebledJ/750abc64a826f19dd2d6774724629b71
Пользователь	trebledj (UID 94356)
Представление	27.04.2026 22:22 (1 месяц назад)
Модерация	25.05.2026 21:17 (28 days later)
Статус	принято
Запись VulDB	365541 [fraillt bitsery до 5.2.4 std_smart_ptr.h loadFromSharedState Удалённое выполнение кода]
Баллы	20

◂ Предыдущий Обзор Далее ▸

Interested in the pricing of exploits?

See the underground prices here!