Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Python library for serializing any arbitrary object graph into JSON
Version 1.5.2-1 [community]


Group Affected Fixed Severity Status Ticket
AVG-1370 1.5.2-1 Low Vulnerable
Issue Group Severity Remote Type Description
CVE-2020-22083 AVG-1370 Low Yes Arbitrary code execution
** DISPUTED ** jsonpickle allows arbitrary code execution during deserialisation of a malicious payload through the decode() function. Note: It has been...