CVE-2018-3784

A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization.

Date published : 2018-08-17

https://hackerone.com/reports/350418