We found results for “”
CVE-2023-27531
Good to know:
Date: March 2, 2023
Carefully crafted JSON data processed by Kredis up to 1.3.0 may result in deserialization of untrusted data, potentially leading to deserialization of unexpected objects in the system. Any applications using Kredis with JSON are affected. Version 1.3.0.1 contains a patch for this issue.
Language: Ruby
Severity Score
Related Resources (4)
Severity Score
Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | LOW |