14 matches found
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
SUSE CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
Kredis 安全漏洞
Kredis is a Ruby on Rails open source higher level data structure built on Redis. A security vulnerability exists in Kredis versions prior to 1.3.0.1, which stems from the presence of an untrusted data deserialization vulnerability...
Internet Bug Bounty: [CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON
A deserialization vulnerability was discovered in the Kredis JSON deserialization code, allowing for the potential deserialization of untrusted data. This could result in unexpected objects being deserialized in the system. The vulnerability has been assigned the CVE identifier CVE-2023-27531...
Deserialization Of Untrusted Data
kredis is vulnerable to Deserialization Of Untrusted Data. The vulnerability exists in castvalue function at json.rb which allows an attacker to parse crafted JSON data possibly resulting in deserialization of unexpected objects in the system...
GHSA-H2WM-P2VG-6PW4 Kredis JSON Possible Deserialization of Untrusted Data Vulnerability
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This vulnerability has been assigned the CVE identifier CVE-2023-27531. 'Not affected: None.' 'Versions Affected: All.' 'Fixed Versions: 1.3.0.1' Impact Carefully crafted JSON data processed by...
Deserialization of Untrusted Data
Overview kredis is a higher-level data structures built on Redis. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Carefully crafted JSON data processed may result in deserialization of untrusted data, potentially leading to deserialization of unexpected...
Kredis JSON Possible Deserialization of Untrusted Data Vulnerability
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This vulnerability has been assigned the CVE identifier CVE-2023-27531. 'Not affected: None.' 'Versions Affected: All.' 'Fixed Versions: 1.3.0.1' Impact Carefully crafted JSON data processed by...
PT-2023-21197 · Kredis · Kredis
Name of the Vulnerable Software and Affected Versions: Kredis versions prior to 1.3.0.1 Description: There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This issue may result in the deserialization of unexpected objects in the system when carefully...
Possible Deserialization of Untrusted Data Vulnerability in Kredis JSON
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This vulnerability has been assigned the CVE identifier CVE-2023-27531. 'Not affected: None.' 'Versions Affected: All.' 'Fixed Versions: 1.3.0.1' Impact Carefully crafted JSON data processed by...
Ruby on Rails: Unexpected deserialization in Kredis
Unexpected classes could be deserialized in Kredis due to the use of JSON.load, potentially leading to security vulnerabilities...