CVE-2021-33575

Published 17 days ago
Category: Code Injection
Source: GitHub
Severity: Critical

Vulnerability in ruby-jss

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem’s documented behavior of using Marshal.load during XML document processing.

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
n/a n/a n/a n/a n/a n/a
Patched Versions

>= 1.6.0

Unaffected Versions

n/a

References

n/a