CVE-2022-1471

Published: Dec 1, 2022Modified: Jun 18, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.

Affected (1)

Products: Snakeyaml Project: Snakeyaml

Snakeyaml Project

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Snakeyaml Project Snakeyaml	Before 2.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (20)

http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html

Source: cve-coordination@google.com

http://www.openwall.com/lists/oss-security/2023/11/19/1

Source: cve-coordination@google.com

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479

Source: cve-coordination@google.com

Issue TrackingThird Party Advisory

https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html

Source: cve-coordination@google.com

https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2

Source: cve-coordination@google.com

ExploitThird Party Advisory

https://github.com/mbechler/marshalsec

Source: cve-coordination@google.com

ExploitThird Party Advisory

https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc

Source: cve-coordination@google.com

https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c

Source: cve-coordination@google.com

https://security.netapp.com/advisory/ntap-20230818-0015/

Source: cve-coordination@google.com

https://security.netapp.com/advisory/ntap-20240621-0006/

Source: cve-coordination@google.com

https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

Source: cve-coordination@google.com

ExploitThird Party Advisory

http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2023/11/19/1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://github.com/mbechler/marshalsec

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20230818-0015/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20240621-0006/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.