2021-05-25 22:52:02
mitre
PUBLISHED
The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gems documented behavior of using Marshal.load during XML document processing.