suricata-update is susceptible to remote code execution (RCE) when loading a .yaml file. The vulnerability exists because it uses the unsafe `yaml.load()` function, which allows an attacker to supply a .yaml file containing malicious code, for example: `hello: !!python/object/apply:os.system ['ls -l > /tmp/output']`.
CPE

Name | Operator | Version |
---|---|---|
suricata-update | eq | 1.0.0a1 |