
We found results for “”
CVE-2023-27531
Good to know:

Date: January 8, 2025
Carefully crafted JSON data processed by Kredis up to 1.3.0 may result in deserialization of untrusted data, potentially leading to deserialization of unexpected objects in the system. Any applications using Kredis with JSON are affected. Version 1.3.0.1 contains a patch for this issue.
Language: Ruby
Severity Score
Related Resources (8)
Severity Score
Weakness Type (CWE)
Deserialization of Untrusted Data
CWE-502Top Fix

CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |