CVE-2017-1000248: Remote code execution

November 16, 2017 (updated December 4, 2017)

Unsafe objects can be loaded from redis.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000248
github.com/redis-store/redis-store/commit/ce13252c26fcc40ed4935c9abfeb0ee0761e5704
github.com/redis-store/redis-store/pull/290

Detect and mitigate CVE-2017-1000248 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →