PT-2024-26524 · Unknown+1 · Sqlitedict+1
William Lin
·
Published
2024-09-18
·
Updated
2024-09-20
·
CVE-2024-35515
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
sqlitedict versions up to v2.1.0
Description
The issue is related to insecure deserialization, which allows attackers to execute arbitrary code.
Recommendations
For versions up to v2.1.0, update to a version later than v2.1.0 to resolve the issue.
Fix
Code Injection
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Sqlitedict