CVE-2020-22083 security vulnerability in botbuilder-python SDK

[hisnkuanli]

Version

4.14.8

Describe the bug

There is a security vulnerability detected via Component Governance in DevOps. The severity is marked as Critical.

The details about this vulnerability:

In this SDK, the jsonpickle package is limited (>=1.2,<1.5), it is possible to use the latest version to avoid this security vulnerability?
Use version ranges 3rd party deps by cognifloyd · Pull Request #1468 · microsoft/botbuilder-python (github.com)

It is a blocking issue for our production service. Please help resolve it ASAP. Thanks.

To Reproduce

Use echo bot as an example, trigger a build in Azure DevOps, and enable Component Governance

Expected behavior

Pass Component Governance

Additional context

GHSA-j66q-qmrc-89rx

[tracyboehrer]

This is somewhat under dispute. pickle in Python itself would have the same behavior. The use case in SDK is that it's used to serialize objects in ConversationState to storage (Blobs or CosmosDB). We could clear the alert by implementing our own serialization, but the behavior would be exactly the same.

[tracyboehrer]

Switching to version later that 1.4.2 do not change the alert for us. I really didn't expect it to.

Given:

"Both jsonpickle and pickle are documented as being able to execute arbitrary code when loading pickles, and intended for use only with trusted data. This is expected behaviour, as clearly indicated in the jsonpickle README and at https://docs.python.org/3/library/pickle.html"

And that this is only being used when storing/retrieving data for ConversationState and UserState (a trusted source), it is not of high risk.

We can continue to look for an alternative solution, but in the end it will still perform the same type actions.

[andrew-cybsafe]

Switching to version later that 1.4.2 do not change the alert for us. I really didn't expect it to.

Does botbuilder work on with v2 and v3? If so, can we update the dependency as this would help to prevent packages resolution issues for projects using botbuilder.

[tracyboehrer]

The alert isn't accurate in that regard. The issue isn't the version, it's what it is doing. Which is pickle/unpickle.

This is used for serializing state storage to whatever storage is configured. It is assumed this is trusted and secure.

[pcanas]

Is there any update on this matter? jsonpickle<=1.5 has more than 4 years, would be great to upgrade this.

[mishaxmishra]

Any update on when the new version of botbuilder with updated json pickle will come out? Our critical pipeline is blocked due to this.

[eriklilljequist]

Since it is not allowed to sync critically vulnerable packages by default in my environment

• we are looking at a required whitelisting of jsonpickle-1.4.2 CVE-2020-22083

Which would be nice to avoid.

I can see several jsonpickle versions later that 1.4.2 without critical vulnerabilities.

Thank you