CVE-2024-1748 | van_der_Schaar LAB AutoPrognosis 0.1.21 Release Note load_model_from_file deserialization

Inserito da Angelo Barbosa | Feb 22, 2024 | CVE

A vulnerability classified as critical was found in van_der_Schaar LAB AutoPrognosis 0.1.21. This vulnerability affects the function load_model_from_file of the component Release Note Handler. The manipulation leads to deserialization.

This vulnerability was named CVE-2024-1748. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-1748 | van_der_Schaar LAB AutoPrognosis 0.1.21 Release Note load_model_from_file deserialization

Post correlati

CVE-2024-23181 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 cross site scripting

CVE-2023-50731 | MindsDB up to 23.11.4.0 file.py save_file name server-side request forgery (GHSA-j8w6-2r9h-cxhj)

CVE-2024-8442 | bdthemes Prime Slider Plugin up to 3.15.18 on WordPress cross site scripting

CVE-2023-51257 | jasper 4.1.2 JPC Encoder memory corruption