8 matches found
EUVD-2019-0121
Malware in sbrugna...
Uncontrolled deserialization of a pickled object in rediswrapper allows attackers to execute arbitrary scripts
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...
Arbitrary Code Execution
rediswrapper is vulnerable to arbitrary code execution. The vulnerability exists due to the unsafe usage of pickle deserialization...
CVE-2019-17206
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...
PYSEC-2019-46
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...
Deserialization of untrusted data
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...
PYSEC-2019-116
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper aka Redis Wrapper before 0.3.0 allows attackers to execute arbitrary scripts...
CVE-2019-17206
The CVE-2019-17206 entry describes an Uncontrolled deserialization of a pickled object in the Frost Ming rediswrapper (Redis Wrapper) code path, specifically in models.py, that existed prior to version 0.3.0. This vulnerability allows an attacker to execute arbitrary scripts due to unsafe pickle ...