CVE-2024-0959 | StanfordVL GibsonEnv 0.3.1 pposgd_fuse.py cloudpickle.load deserialization

Inserito da Angelo Barbosa | Gen 26, 2024 | CVE

A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibsonutilspposgd_fuse.py. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2024-0959. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0959 | StanfordVL GibsonEnv 0.3.1 pposgd_fuse.py cloudpickle.load deserialization

Post correlati

CVE-2024-3826 | Akana SSO improper authentication

CVE-2024-21670 | hyperledger-archives ursa up to 0.3.7 Revocation Schema risky encryption (GHSA-r78f-4q2q-hvv4)

CVE-2024-1943 | Yuki Plugin up to 1.3.14 on WordPress Theme Setting cross-site request forgery

CVE-2024-40543 | Sanluan PublicCMS 4.0.202302.e ueditor server-side request forgery