  • Cache Confusion Attack Vector

  • Patched in version 0.30.0

  • Workarounds exist
CVE-2024-53848

7.1 HIGH

Key Information:

Vendor
CVE Published: 29 November 2024

Summary

The vulnerability in check-jsonschema arises from its default caching mechanism, which uses the basename of a remote schema URL as the cache filename. Two different URLs that end in the same filename therefore share one cache entry. An attacker who tricks a user into running check-jsonschema against a malicious schema URL can populate that entry, so that the attacker’s schema is later used in place of the intended schema. Invalid data can then pass validation checks that should have been enforced.

Users are urged to upgrade to version 0.30.0 or later to mitigate this issue. Temporary workarounds include disabling caching with the '--no-cache' option or specifying a unique cache filename using the '--cache-filename' parameter. Additionally, users can download schemas locally before validation to maintain control over the input.
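The collision described above, shown as an added example that is not check-jsonschema's own code: it derives a cache filename from the URL basename, compares that with a key bound to the full URL, and reports which schema URLs would share a cache entry. The function names and sample URLs are constructed, and the SHA-256 key is one possible way to make the filename unique per URL, assumed here for illustration.

```python
import hashlib
import posixpath
from collections import defaultdict
from urllib.parse import urlsplit


def basename_cache_key(url: str) -> str:
    """Cache filename taken only from the last path segment (the flawed scheme)."""
    return posixpath.basename(urlsplit(url).path)


def hashed_cache_key(url: str) -> str:
    """Cache filename bound to the whole URL; the suffix is kept for readability.

    Assumption: hashing the URL is one way to avoid collisions, not necessarily
    what the patched release does.
    """
    digest = hashlib.sha256(url.encode("utf-8")).hexdigest()
    suffix = posixpath.splitext(urlsplit(url).path)[1]
    return digest + suffix


def find_collisions(urls, key_func):
    """Return {cache_filename: [urls]} for filenames shared by 2+ distinct URLs."""
    by_key = defaultdict(list)
    for url in dict.fromkeys(urls):  # drop duplicates, keep first-seen order
        by_key[key_func(url)].append(url)
    return {key: group for key, group in by_key.items() if len(group) > 1}


# Constructed sample: schema URLs as they might be collected from CI configs.
SAMPLE_URLS = [
    "https://schemas.example.org/ci/pipeline.json",
    "https://untrusted.example.net/anything/pipeline.json",
    "https://schemas.example.org/ci/release.json",
]

if __name__ == "__main__":
    for label, func in (("basename", basename_cache_key),
                        ("sha256(url)", hashed_cache_key)):
        print(label, find_collisions(SAMPLE_URLS, func))
```

Running `find_collisions` over the schema URLs referenced in a repository's hook and CI configuration is a quick audit for entries that would have shared a cache file under the basename scheme.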

Affected Version(s)

check-jsonschema < 0.30.0

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
