AVG-1370 log
| Package | python-jsonpickle |
| Status | Vulnerable |
| Severity | Low |
| Type | arbitrary code execution |
| Affected | 1.5.2-3 |
| Fixed | Unknown |
| Current | 3.4.2-1 [extra] |
| Ticket | Create |
| Created | Thu Dec 17 20:29:47 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-22083 | Low | Yes | Arbitrary code execution | ** DISPUTED ** jsonpickle allows arbitrary code execution during deserialisation of a malicious payload through the decode() function. Note: It has been... |