Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution in Optica
Vulnerability Description
A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Specially crafted JSON payloads may lead to RCE (remote code execution) on the attacked system running Optica. The vulnerability was patched in v. 0.10.2, where the call to the function `oj.load` was changed to `oj.safe_load`.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Optica 代码问题漏洞
Vulnerability Description
Optica是Airbnb开源的一种用于注册和定位节点的服务。 Optica 0.10.2之前版本存在代码问题漏洞。攻击者利用该漏洞通过特制的JSON有效载荷执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A