Book a Demo / Contact Get started free

← All vulnerabilities

HIGHSupply chain

GHSA-9837-48HR-Q32J

pip · glances

Summary

Glances has Insecure Pickle Deserialization in its Version Cache that Leads to Arbitrary Code Execution

References

Related vulnerabilities

All Supply chain →

CRITICALGHSA-43X2-G84Q-FMQX
OpenDJ Pre-Auth RCE via Java Deserialization in JMX RMI
HIGHGHSA-C8Q4-9H32-2WW8
Spinnaker has uon-safe yaml deserialization, allowing RCE when using specific types
HIGHGHSA-RPJ2-4HQ8-938G
VCR.py: Arbitrary code execution via unsafe YAML deserialization of cassette files
HIGHGHSA-WV27-2VQP-J7G5
Gogs has the ability to import local repositories via Mirror Settings
HIGHGHSA-PWX3-QCGW-VH7H
Gogs Vulnerable to CSRF Leading to Organization Owner Takeover
HIGHGHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download