CVE-2019-17206: Uncontrolled deserialization of a pickled object in rediswrapper allows attackers to execute arbitrary scripts

Severity: Critical

CVSS Score: 9.8

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts.