Skip to main content

CVE-2021-33575

Severity High
Score 9.8/10

Summary

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

References

Advisory Timeline

  • Published