CVE-2025-23045

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-23045
Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with an account on an affected CVAT instance is able to run arbitrary code in the context of the Nuclio function container. This vulnerability affects CVAT deployments that run any of the serverless functions of type tracker from the CVAT Git repository, namely TransT and SiamMask. Deployments with custom functions of type tracker may also be affected, depending on how they handle state serialization. If a function uses an unsafe serialization library such as pickle or jsonpickle, it's likely to be vulnerable. Upgrade to CVAT 2.26.0 or later. If you are unable to upgrade, shut down any instances of the TransT or SiamMask functions you're running.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/cvat-ai/cvat/commit/563e1dfde64b15fa042b23f9d09cd854b35f0366 Patch
https://github.com/cvat-ai/cvat/security/advisories/GHSA-wq36-mxf8-hv62 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*
History

16 Sep 2025, 17:32

Type Values Removed Values Added
Summary
  • (es) Computer Vision Annotation Tool (CVAT) es una herramienta interactiva de anotación de imágenes y videos para visión artificial. Un atacante con una cuenta en una instancia de CVAT afectada puede ejecutar código arbitrario en el contexto del contenedor de funciones Nuclio. Esta vulnerabilidad afecta a las implementaciones de CVAT que ejecutan cualquiera de las funciones sin servidor de tipo tracker desde el repositorio Git de CVAT, a saber, TransT y SiamMask. Las implementaciones con funciones personalizadas de tipo tracker también pueden verse afectadas, según cómo gestionan la serialización de estados. Si una función usa una librería de serialización insegura como pickle o jsonpickle, es probable que sea vulnerable. Actualice a CVAT 2.26.0 o posterior. Si no puede actualizar, apague todas las instancias de las funciones TransT o SiamMask que esté ejecutando.
CPE cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*
First Time Cvat
Cvat computer Vision Annotation Tool
References () https://github.com/cvat-ai/cvat/commit/563e1dfde64b15fa042b23f9d09cd854b35f0366 - () https://github.com/cvat-ai/cvat/commit/563e1dfde64b15fa042b23f9d09cd854b35f0366 - Patch
References () https://github.com/cvat-ai/cvat/security/advisories/GHSA-wq36-mxf8-hv62 - () https://github.com/cvat-ai/cvat/security/advisories/GHSA-wq36-mxf8-hv62 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8

28 Jan 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-28 16:15

Updated : 2025-09-16 17:32

NVD link : CVE-2025-23045

Mitre link : CVE-2025-23045

CVE.ORG link : CVE-2025-23045

JSON object : View

Products Affected

cvat

  • computer_vision_annotation_tool
CWE
CWE-502

Deserialization of Untrusted Data