VYPR
Unrated severityNVD Advisory· Published Nov 23, 2022· Updated Apr 23, 2025

Remote Code Execution in Optica

CVE-2022-41875

Description

A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Specially crafted JSON payloads may lead to RCE (remote code execution) on the attacked system running Optica. The vulnerability was patched in v. 0.10.2, where the call to the function oj.load was changed to oj.safe_load.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Optica/Opticallm-create
    Range: <0.10.2
  • airbnb/opticav5
    Range: < 0.10.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.