1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17206
https://notcve.org/view.php?id=CVE-2019-17206
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts. La deserialización no controlada de un objeto pickled en models.py en Frost Ming rediswrapper (también se conoce como Redis Wrapper) versiones anteriores a 0.3.0, permite a atacantes ejecutar scripts arbitrarios. • https://github.com/frostming/rediswrapper/compare/v0.2.1...v0.3.0 https://github.com/frostming/rediswrapper/pull/1 https://github.com/frostming/rediswrapper/releases/tag/v0.3.0 • CWE-502: Deserialization of Untrusted Data •