exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2020-22083

около 5 лет назад

jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data

CVSS3: 9.8

EPSS: Низкий

CVE-2020-22083

около 5 лет назад

jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data

EPSS: Низкий

CVE-2020-22083

около 5 лет назад

jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data

CVSS3: 9.8

EPSS: Низкий

CVE-2020-22083

около 5 лет назад

jsonpickle through 1.4.1 allows remote code execution during deseriali ...

CVSS3: 9.8

EPSS: Низкий

GHSA-j66q-qmrc-89rx

больше 3 лет назад

jsonpickle unsafe deserialization

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-22083 jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data	CVSS3: 9.8	5% Низкий	около 5 лет назад
CVE-2020-22083 jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data		5% Низкий	около 5 лет назад
CVE-2020-22083 jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data	CVSS3: 9.8	5% Низкий	около 5 лет назад
CVE-2020-22083 jsonpickle through 1.4.1 allows remote code execution during deseriali ...	CVSS3: 9.8	5% Низкий	около 5 лет назад
GHSA-j66q-qmrc-89rx jsonpickle unsafe deserialization	CVSS3: 9.8	5% Низкий	больше 3 лет назад

Уязвимостей на страницу