CVE-2021-29476CRITICALCVSS 9.8≥ 1.6.0, < 1.8.02021-04-29
CVE-2021-29476 [CRITICAL] CWE-502 Insecure Deserialization of untrusted data in rmccue/requests
Insecure Deserialization of untrusted data in rmccue/requests
### Impact
Unserialization of untrusted data.
### Patches
The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.
### References
Publications about the vulnerability:
* https://dannewitz.ninja/posts/php-unserialize-object-injection-yet-another-stars-rating-wordpress
* https://github.com/a
ghsaosv