Описание
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the picklefile parameter in the yacc() function. This parameter accepts a .pkl file that is deserialized with pickle.load() without validation. Because pickle allows execution of embedded code via __reduce__(), an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.
An arbitrary code execution vulnerability was discovered in PLY (Python Lex-Yacc). When an application uses PLY's undocumented picklefile parameter to load cached parser data, the library deserializes the pickle file without validation. If an attacker can supply or modify the pickle file being loaded, they can embed malicious code that executes automatically during the deserialization process, potentially allowing them to run arbitrary commands on the affected system.
Отчет
This vulnerability rates as Important rather than Critical because it only affects applications using an undocumented parameter (picklefile) in legacy PLY versions 3.2-3.11, which was designed for an atypical use case (Jython environments with oversized parser tables). Exploitation requires the target application to have explicitly implemented this undocumented parameter in their code and depends on the attacker's ability to influence which pickle file gets loaded—whether through shared directory race conditions, configuration injection, supply chain compromise, or chaining with separate vulnerabilities like file upload or path traversal—making this a conditional, context-dependent vulnerability rather than a universally exploitable critical flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Fence Agents Remediation Operator | workload-availability/fence-agents-remediation-rhel9-operator | Affected | ||
| Migration Toolkit for Containers | rhmtc/openshift-migration-hook-runner-rhel8 | Affected | ||
| Migration Toolkit for Containers | rhmtc/openshift-migration-rhel8-operator | Affected | ||
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-must-gather-rhel8 | Will not fix | ||
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-rhel9-operator | Will not fix | ||
| Migration Toolkit for Virtualization | mtv-candidate/mtv-must-gather-rhel8 | Will not fix | ||
| Migration Toolkit for Virtualization | mtv-candidate/mtv-rhel9-operator | Will not fix | ||
| OpenShift Developer Tools and Services | ocp-tools-4/jenkins-agent-base-rhel8 | Affected | ||
| OpenShift Developer Tools and Services | ocp-tools-4/jenkins-rhel8 | Not affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-console-plugin-rhel8 | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) librar ...
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk.
EPSS
7.8 High
CVSS3