GHSA-4hpj-8rhv-9x87
GitHub Security Advisory
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
Advisory Details
### Impact
The use of Python's marshal module to handle unchecked input in a public method on `PortalFolder` objects can lead to an unauthenticated denial of service and crash situation. The code in question is exposed by all portal software built on top of `Products.CMFCore`, such as Plone. All deployments are vulnerable.
### Patches
The code has been fixed in `Products.CMFCore` version 3.2.
### Workarounds
Users can make the affected `decodeFolderFilter` method unreachable by editing the `PortalFolder.py` module in `Products.CMFCore` by hand and then restarting Zope. Go to line 233 of `PortalFolder.py` and remove both the `@security.public` decorator for `decodeFolderFilter` and the method's entire docstring. This is safe because the method is not actually used by current code.
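As an added check, not part of this advisory or of `Products.CMFCore` itself, the following script verifies statically whether the workaround above has been applied to a copy of `PortalFolder.py`. The two embedded sources are constructed samples that mirror the method's shape as described here, not the real file; the function and sample names are assumptions.

```python
import ast

# Constructed sample shaped like the method the advisory describes (a public,
# docstring'd method feeding request input to marshal.loads); not the real file.
VULNERABLE_SRC = '''
class PortalFolder:
    @security.public
    def decodeFolderFilter(self, encoded):
        """Parse cookie string for using variables in dtml."""
        filter = {}
        if encoded:
            filter.update(marshal.loads(base64.decodestring(encoded)))
        return filter
'''

# Constructed sample with the advisory's workaround applied: decorator and docstring gone.
HARDENED_SRC = '''
class PortalFolder:
    def decodeFolderFilter(self, encoded):
        filter = {}
        if encoded:
            filter.update(marshal.loads(base64.decodestring(encoded)))
        return filter
'''

def _dotted(node):
    """Render a decorator expression such as security.public as dotted text."""
    if isinstance(node, ast.Attribute):
        return _dotted(node.value) + "." + node.attr
    if isinstance(node, ast.Name):
        return node.id
    return ast.dump(node)

def find_method(source, name):
    # Locate the FunctionDef named `name` anywhere in the module (class bodies included).
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.FunctionDef) and node.name == name:
            return node
    return None

def workaround_applied(source, name="decodeFolderFilter"):
    """True when the method is absent, or has lost BOTH its @security.public
    decorator and its docstring; a partial edit counts as not applied."""
    fn = find_method(source, name)
    if fn is None:
        return True
    still_public = any(_dotted(d) == "security.public" for d in fn.decorator_list)
    still_documented = ast.get_docstring(fn) is not None
    return not (still_public or still_documented)
```

Run it against the installed module with `workaround_applied(open(path_to_portalfolder).read())` after editing and before restarting Zope.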
### References
- Products.CMFCore security advisory [GHSA-4hpj-8rhv-9x87](https://github.com/zopefoundation/Products.CMFCore/security/advisories/GHSA-4hpj-8rhv-9x87)
### Credits
Thanks go to Nicolas VERDIER from onepoint.
### For more information
If you have any questions or comments about this advisory:
- Open an issue in the [Products.CMFCore issue tracker](https://github.com/zopefoundation/Products.CMFCore/issues)
- Email us at [[email protected]](mailto:[email protected])
Data from GitHub Advisory Database. This information is provided for research and educational purposes.