Miggo Logo
Miggo Vulnerability Database
CVE-2021-24040

CVE-2021-24040:
Deserialization of Untrusted Data in ParlAI

9.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-24040
GHSA ID
GHSA-mwgj-7x7j-6966
EPSS Score
0.96588%
CWE
CWE-502
Published
9/13/2021
Updated
4/13/2023
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
parlaipip< 1.1.01.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from unsafe YAML deserialization via PyYAML's default yaml.load() method. The GitHub patch explicitly replaces yaml.load() with yaml.safe_load() in two locations within the _get_shared_models function of model_chat_blueprint.py. The original yaml.load() uses the unsafe Loader by default, which can instantiate arbitrary Python objects, leading to RCE. The direct correlation between the patch and CWE-502 confirms this as the root cause.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*u* to us* o* uns*** Y*ML **s*ri*liz*tion lo*i*, *n *tt**k*r wit* t** **ility to mo*i*y lo**l Y*ML *on*i*ur*tion *il*s *oul* provi** m*li*ious input, r*sultin* in r*mot* *o** *x**ution or simil*r risks. T*is issu* *****ts P*rl*I prior to v*.*.*.

Reasoning

T** vuln*r**ility st*ms *rom uns*** Y*ML **s*ri*liz*tion vi* PyY*ML's ****ult y*ml.lo**() m*t*o*. T** *it*u* p*t** *xpli*itly r*pl***s y*ml.lo**() wit* y*ml.s***_lo**() in two lo**tions wit*in t** _**t_s**r**_mo**ls *un*tion o* mo**l_***t_*lu*print.p