activesupport/test/cache/behaviors/local_cache_behavior.rb · 0d304eae601f085274b2e2c04316e025b443da62 · Rails relative code / rails-deleted-2

Sep 22, 2018

activesupport: Deprecate Marshal.load on raw cache read in RedisCacheStore · bd39a13c

Dylan Thacker-Smith authored Sep 22, 2018

The same value for the `raw` option should be provided for both reading and
writing to avoid Marshal.load being called on untrusted data.

[CVE-2020-8165]

bd39a13c

activesupport: Deprecate Marshal.load on raw cache read in RedisCacheStore

Dylan Thacker-Smith authored Sep 22, 2018

The same value for the `raw` option should be provided for both reading and
writing to avoid Marshal.load being called on untrusted data.

[CVE-2020-8165]