Scaner-VS
vulnerability catalog · v4.2
Rpc.py_project › Application
nvd
Rpc.py
Vulnerabilities: 1
Known exploited: 0
Max CVSS: 9.8
Top EPSS: 0.45862
Severity breakdown: Critical 1, High 0, Medium 0, Low 0
Affected version ranges: 0.4.2–0.6.0
Also matched as (raw): rpc.py
Top vulnerabilities
CVE-2022-35411
rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.