com.arcadedb:arcadedb-bolt (>=26.2.1 <=26.3.2), com.arcadedb:arcadedb-coverage (>=21.9.1 <=25.4.1) +10 more potentially affected by CVE-2026-44221 via com.arcadedb:arcadedb-server (>=21.10.1 <=26.3.2)

com.arcadedb:arcadedb-server MAVEN version =21.10.1, =26.2.1, =21.9.1, =21.12.1, =24.11.1, =25.9.1, =25.1.1, =21.9.1, =21.9.1, =21.9.1, =21.9.1, =25.11.1, =26.3.2 - io.github.mdre:adbogm =0.9.0.6 Source cves: CVE-2026-44221 Source advisory: OSV:GHSA-FXC7-FM93-6Q77...

CVE-2019-17206

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...

GHSA-VRCF-G539-X6H3 Uncontrolled deserialization of a pickled object in rediswrapper allows attackers to execute arbitrary scripts

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...

CVE-2019-17206

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...

PYSEC-2019-116

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...

CVE-2019-17206

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...

CVE-2019-17206

The CVE-2019-17206 entry describes an Uncontrolled deserialization of a pickled object in the Frost Ming rediswrapper (Redis Wrapper) code path, specifically in models.py, that existed prior to version 0.3.0. This vulnerability allows an attacker to execute arbitrary scripts due to unsafe pickle ...