redis-store is vulnerable to unsafe deserialization. The marshalling ability of redis-store allows attackers to load unsafe objects from redis. In order to be vulnerable to this, the options[:marshalling]
needs to be used.
CPE | Name | Operator | Version |
---|---|---|---|
redis-store | le | 1.3.0 |