Vulnerabilities > Geokit

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2023-26153 Deserialization of Untrusted Data vulnerability in Geokit Geokit-Rails
Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie.
network
low complexity
geokit CWE-502
critical
9.8