RubyGems package
ruby-jss
pkg:gem/ruby-jss
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-33575 | Cri | 9.8 | < 1.6.0 | 1.6.0 | May 25, 2021 | The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing. |
- affected < 1.6.0fixed 1.6.0
The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing.