Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization
Vulnerability Description
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
datrie 代码问题漏洞
Vulnerability Description
datrie是pytries开源的一个Python高性能字典树实现库。 datrie 0.8.3及之前版本存在代码问题漏洞,该漏洞源于对文件src/datrie.pyx中函数Trie.load/Trie.read/Trie.__setstate__的错误操作,可能导致反序列化攻击。
CVSS Information
N/A
Vulnerability Type
N/A