6 matches found
pgAdmin Cross-Site Scripting Vulnerability
pgAdmin is an open source management and development platform for the PostgreSQL database. pgAdmin 8.5 and earlier versions have a cross-site scripting vulnerability in the /settings/store endpoint that responds to a json loa...
Ruby on Rails: Unexpected deserialization in Kredis
Unexpected classes could be deserialized in Kredis due to the use of JSON.load, potentially leading to security vulnerabilities...
Arbitrary Command Execution
jmespath is vulnerable to arbitrary command execution. An attacker is able to inject and execute arbitrary commands due to the unsafe usage of JSON.load where JSON.parse is preferable...
DEBIAN-CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
Ruby: The taint flag is not propagated at JSON.parse
Vulnerability description not provided...