Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
tiny-rdm Tiny RDM Pickle Decoding pickle_convert.go pickle.loads deserialization
Vulnerability Description
A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this vulnerability is the function pickle.loads of the file pickle_convert.go of the component Pickle Decoding. The manipulation leads to deserialization. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Tiny RDM 代码问题漏洞
Vulnerability Description
Tiny RDM是Lykin个人开发者的一个桌面管理器。 Tiny RDM 1.2.5及之前版本存在代码问题漏洞,该漏洞源于Pickle Decoding组件中pickle_convert.go文件的pickle.loads函数存在反序列化问题,可能导致远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A