Vulnerabilities > CVE-2018-3784 - Deserialization of Untrusted Data vulnerability in Cryo Project Cryo 0.0.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |