2 matches found
Deserialization of Untrusted Data
Overview datapizza-ai-cache-redis is an An implementation using Redis for datapizza-ai cache Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the RedisCache function due to its usage of pickle.loads. An attacker can execute arbitrary code or manipulate...
CVE-2026-2970
A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...