Security Fix for Arbitrary Code Execution - huntr.dev#1120
Open
huntr-helper wants to merge 4 commits into tensorlayer:master from
Conversation
Fixed Arbitrary code execution in tensorlayer
@d3m0n-r00t @Laicheng0830 - relates to #1116 and 418sec/huntr#1791. Thanks! 🍰

@Laicheng0830, if you want more security fixes and patches like this in the future, you can let security researchers know that they can win bounties protecting your repository by copying this small code snippet into your README.md:
👇 👇 👇
Laicheng0830 approved these changes Feb 23, 2021
Laicheng0830 approved these changes Feb 24, 2021
@d3m0n-r00t (https://huntr.dev/users/d3m0n-r00t) has fixed a potential Arbitrary Code Execution vulnerability in your repository 🔨. For more information, visit our website (https://huntr.dev/) or click the bounty URL below...
| Q | A |
| --- | --- |
| Version Affected | * |
| Bug Fix | YES |
| Original Pull Request | 418sec#1 |
| Vulnerability README | https://github.com/418sec/huntr/blob/master/bounties/pip/tensorlayer/1/README.md |
User Comments:
📊 Metadata *
Fixed Arbitrary code execution in tensorlayer
Bounty URL: https://www.huntr.dev/bounties/1-pip-tensorlayer
⚙️ Description *
TensorLayer is a novel TensorFlow-based deep learning and reinforcement learning library designed for researchers and engineers. It provides an extensive collection of customizable neural layers to build advanced AI models quickly. This package is vulnerable to Arbitrary Code Execution.
💻 Technical Description *
Use of eval() in the eval_layer() function without escaping causes execution of system commands.
🐛 Proof of Concept (PoC) *
OR
🔥 Proof of Fix (PoF) *
https://docs.python.org/3/library/ast.html#ast-helpers
👍 User Acceptance Testing (UAT)
As explained above, ast.literal_eval() can only be used on common strings and not complex expressions, so I'm not sure how this will affect the package. However, it is safer for evaluating simple expressions.
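The following is an added example illustrating the fix this PR describes (replacing eval() with ast.literal_eval()) and the limitation raised in the UAT note. It is not code from the PR or from the TensorLayer code base; the function names (parse_layer_literal, non_literal_nodes, is_plain_literal) and the sample inputs are constructed for this illustration. It shows that literal_eval accepts data (tuples, dicts, numbers, including the "1 + 2j" complex form) and rejects anything that would require running code, and also that it rejects some harmless-looking arithmetic such as list concatenation, which is the "not complex expressions" caveat from the UAT comment.

```python
import ast

# Node types that can appear in the AST of a value ast.literal_eval accepts:
# literals, containers, unary +/- and the "real + imag j" form of complex
# numbers. Everything else (Name, Attribute, Call, Subscript, ...) is code,
# not data. Constructed allow-list for this example; it mirrors but is not
# copied from CPython's implementation and is used only to explain rejections.
LITERAL_NODES = (
    ast.Expression, ast.Constant, ast.Tuple, ast.List, ast.Set, ast.Dict,
    ast.UnaryOp, ast.UAdd, ast.USub, ast.BinOp, ast.Add, ast.Sub, ast.Load,
)


def non_literal_nodes(text):
    """Names of AST node types in `text` that a plain literal can never contain.

    Used only to explain *why* an input was rejected; the actual accept/reject
    decision is made by ast.literal_eval in parse_layer_literal below.
    """
    try:
        tree = ast.parse(text, mode="eval")
    except SyntaxError:
        return ["SyntaxError"]
    return sorted({type(n).__name__ for n in ast.walk(tree)
                   if not isinstance(n, LITERAL_NODES)})


def parse_layer_literal(text):
    """Parse a layer parameter written as a Python literal, e.g. "(3, 3)".

    Drop-in replacement for eval(text) in a layer loader: only str, bytes,
    number, tuple, list, dict, set, bool and None literals are accepted.
    Anything that would need to *run* code raises ValueError, with the
    offending node types named in the message when there are any.
    """
    try:
        return ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        bad = non_literal_nodes(text)
        detail = f" (contains {', '.join(bad)})" if bad else ""
        raise ValueError(f"refusing to evaluate {text!r}: not a plain literal{detail}") from exc


def is_plain_literal(text):
    """True if parse_layer_literal would accept `text`."""
    try:
        parse_layer_literal(text)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs as they might appear in a serialized layer
    # definition: the first three are data, the last two are not literals.
    for sample in ["(3, 3)", "{'act': 'relu', 'n_units': 128}", "1 + 2j",
                   "[1, 2] + [3]", "len('abc')"]:
        print(f"{sample!r:40} accepted={is_plain_literal(sample)}")
```

Note that "[1, 2] + [3]" contains no code-like node at all, yet literal_eval still raises ValueError because it only evaluates "+" between a real number and an imaginary literal; any layer definitions that relied on eval() to compute values like this will need to be serialized as their final literal form after the fix.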