Skip to main content

Ruby Jss

1 CVEs product

Monthly

CVE-2021-33575 Ruby CRITICAL PATCH Act Now

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ruby Jss
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ruby Jss
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy