Linux Distros Unpatched Vulnerability : CVE-2024-35515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code. CVE-2024-35515 Note that Nessus relies on the presence of the...

GHSA-G4R7-86GM-PGQC sqlitedict insecure deserialization vulnerability

Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code...

abraham3k (>=1.3.8 <=1.5.3), accutuning-helpers (>=1.0.32 <=1.0.33) +317 more potentially affected by CVE-2024-35515 via sqlitedict (>=1.1.0 <=2.1.0)

sqlitedict PYPI version =1.1.0, =1.3.8, =1.0.32, =0.0.1, =0.1.0, =0.2.2, =0.4.0, =0.4.0, =0.0.1, =2.7.0, =2.7.0, =0.3.5, =0.3.7 and more Source cves: CVE-2024-35515 Source advisory: OSV:GHSA-G4R7-86GM-PGQC...

CVE-2024-35515

CVE-2024-35515 concerns insecure deserialization in the Python package sqlitedict (up to v2.1.0), enabling arbitrary code execution. Multiple connected sources corroborate that the vulnerable component is sqlitedict, and the root cause is insecure deserialization. Impact is high (arbitrary code e...

PT-2024-26524 · Unknown +1 · Sqlitedict +1

Name of the Vulnerable Software and Affected Versions: sqlitedict versions up to v2.1.0 Description: The issue is related to insecure deserialization, which allows attackers to execute arbitrary code. Recommendations: For versions up to v2.1.0, update to a version later than v2.1.0 to resolve the...