Godot
Monthly
In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.