CVE-2022-36038: security: use Oj.safe_load to process json payload · CircuitVerse/CircuitVerse@7b3023a
CircuitVerse is an open-source platform that lets users build digital logic circuits online. A remote code execution (RCE) vulnerability in CircuitVerse allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. A patch is available in commit 7b3023a99499a7675f10f2c1d9effdf10c35fb6e. There are currently no known workarounds.
@@ -23,8 +23,8 @@ def check_to_delete(data_url)
def sanitize_data(project, data)
return data if project&.assignment_id.blank? || data.blank?
data = Oj.load(data)
saved_restricted_elements = Oj.load(project.assignment.restrictions)
data = Oj.safe_load(data)
saved_restricted_elements = Oj.safe_load(project.assignment.restrictions)
scopes = data[“scopes”] || []
parsed_scopes = scopes.each_with_object([]) do |scope, new_scopes|
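Review bot: Oj.safe_load parses in strict mode and raises Oj::ParseError on anything that is not plain JSON, and nothing in this hunk rescues that, so a malformed `data` string now propagates an exception out of `sanitize_data` instead of being handled; wrap the `Oj.safe_load(data)` call in a rescue for Oj::ParseError (or validate the payload earlier in the controller) and decide whether a bad payload should be rejected with a client error rather than a 500. The switch itself is the right fix, since the default mode of Oj.load can materialise Ruby objects from attacker-controlled JSON while safe_load returns only Hash, Array, String and numeric values, and it is correctly applied to both `data` and `project.assignment.restrictions`. A regression test asserting that a payload containing Oj object-mode type tags comes back from `sanitize_data` as a plain Hash with string keys would keep a future refactor from reintroducing `Oj.load` here.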