CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2024-0937. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024.

CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

Post correlati

CVE-2024-31364 | ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts Plugin cross-site request forgery

CVE-2024-41629 | Texas Instruments Fusion Digital Power Designer 7.10.1 prefs-shared.xml cleartext storage

CVE-2024-8267 | Radio Player Plugin up to 2.0.78 on WordPress Attribute align cross site scripting

CVE-2024-30291 | Adobe Framemaker up to 2020.5/2022.3 out-of-bounds write (apsb24-37)