CVE 2016-4972
OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5 (mitaka) improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files, which allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages.
Related bugs and status
CVE-2016-4972 (Candidate) is related to these bugs:
Bug #1586078: YaqlYamlLoader inherits from YamlLoader
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1586078 | YaqlYamlLoader inherits from YamlLoader | python-muranoclient | Critical | Fix Released | ||
| 1586078 | YaqlYamlLoader inherits from YamlLoader | python-muranoclient liberty | Critical | Fix Committed | ||
| 1586078 | YaqlYamlLoader inherits from YamlLoader | python-muranoclient mitaka | Critical | Fix Committed | ||
| 1586078 | YaqlYamlLoader inherits from YamlLoader | python-muranoclient newton | Critical | Fix Released | ||
| 1586078 | YaqlYamlLoader inherits from YamlLoader | python-muranoclient kilo | Undecided | Won't Fix | ||
Bug #1586079: YaqlYamlLoader inherits from YamlLoader
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1586079 | YaqlYamlLoader inherits from YamlLoader | Murano | Critical | Fix Released | ||
| 1586079 | YaqlYamlLoader inherits from YamlLoader | Murano newton | Critical | Fix Released | ||
| 1586079 | YaqlYamlLoader inherits from YamlLoader | Murano kilo | Critical | Won't Fix | ||
| 1586079 | YaqlYamlLoader inherits from YamlLoader | Murano liberty | Critical | Fix Released | ||
| 1586079 | YaqlYamlLoader inherits from YamlLoader | Murano mitaka | Critical | Fix Released | ||
Bug #1586136: [Murano] Possible RCE using insecure YAML tags
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1586136 | [Murano] Possible RCE using insecure YAML tags | OpenStack Security Advisory | Undecided | Won't Fix | ||
Bug #1593002: [murano] YaqlYamlLoader inherits from YamlLoader
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack | Critical | Fix Released | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 9.x | Critical | Fix Released | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 6.1.x | Critical | Fix Released | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 7.0.x | Critical | Fix Released | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 8.0.x | Critical | Fix Released | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 5.1.x | Critical | In Progress | ||
| 1593002 | [murano] YaqlYamlLoader inherits from YamlLoader | Mirantis OpenStack 6.0.x | Critical | In Progress | ||
See the 
CVE page on Mitre.org
for more details.
