---
gem: redis-store
cve: 2017-1000248
url: https://github.com/redis-store/redis-store/commit/ce13252c26fcc40ed4935c9abfeb0ee0761e5704
date: 2017-11-16
title: Unsafe objects can be loaded from Redis

description: |
  Redis-store <=v1.3.0 allows unsafe objects to be loaded from Redis via the
  use of the Marshal serializer.

patched_versions:
  - ">= 1.4.0"

related:
  url:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000248