4.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-33026

GHSA ID

GHSA-656c-6cxf-hvcv

EPSS Score

0.95244%

CWE

CWE-269

Published

6/18/2021

Updated

8/16/2023

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-33026

CVE-2021-33026: Deserialization of Untrusted Data in Flask-Caching

Flask-Cache adds easy cache support to Flask. The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code.

However, this is not a high-severity issue, as for an attack like this to work, an attacker must:

Be able to write arbitrary values to the cache
Be able to generate a cache key that will collide with a value being read by the application
Cause the application to read a maliciously-injected value

Any situation where all 3 of those is true is a situation where the application has larger problems; for example, if someone's able to inject malicious cached rendered pages into a Flask app's cache, then they can make the website say literally anything they want, regardless of whether it involves the execution of remote code. Basically, the Pickle vulnerability follows from a website already being extremely vulnerable (due to conditions 1 and 2 being met).

(GitHub Advisory)

4.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-33026

GHSA ID

GHSA-656c-6cxf-hvcv

EPSS Score

0.95244%

CWE

CWE-269

Published

6/18/2021

Updated

8/16/2023

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
Flask-Caching	pip	<= 1.10.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from Flask-Caching's reliance on pickle for serialization. The serializer's loads() method directly uses pickle.loads(), which is inherently unsafe for untrusted data. The BaseCache class's _loads method propagates this vulnerability by using the default pickle-based serializer. These functions create an RCE vector when combined with cache poisoning. The assessment is supported by the CVE description, GitHub advisory discussion about pickle usage, and code changes in PR #209 that specifically target serialization mechanisms.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*l*sk-***** ***s **sy ***** support to *l*sk. T** *l*sk-****in* *xt*nsion t*rou** *.**.* *or *l*sk r*li*s on Pi*kl* *or s*ri*liz*tion, w*i** m*y l*** to r*mot* *o** *x**ution or lo**l privil*** *s**l*tion. I* *n *tt**k*r **ins ****ss to ***** stor***

Reasoning

T** vuln*r**ility st*ms *rom *l*sk-****in*'s r*li*n** on `pi*kl*` *or s*ri*liz*tion. T** s*ri*liz*r's `lo**s()` m*t*o* *ir**tly us*s `pi*kl*.lo**s()`, w*i** is in**r*ntly uns*** *or untrust** **t*. T** `**s******` *l*ss's `_lo**s` m*t*o* prop***t*s t

4.2

Basic Information

Concerned about an active attack path?

CVE-2021-33026: Deserialization of Untrusted Data in Flask-Caching

4.2

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI