EPSS: 0.008 (Low)
Percentile: 81.2%
slanger is vulnerable to remote code execution (RCE). Unsafe deserialization of Ruby objects allows remote attackers to execute arbitrary code using malicious JSON that contains arbitrary objects of various classes.
github.com/stevegraham/slanger/pull/238
honoki.net/2019/03/18/rce-in-slanger-0-6-0/
portswigger.net/daily-swig/push-to-patch-slanger