CVE-2024-52338 | Apache Arrow R up to 16.1.0 to_data_frame deserialization

Inserito da Angelo Barbosa | Nov 28, 2024 | CVE

A vulnerability was found in Apache Arrow R up to 16.1.0. It has been rated as problematic. This issue affects the function to_data_frame. The manipulation leads to deserialization.

The identification of this vulnerability is CVE-2024-52338. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52338 | Apache Arrow R up to 16.1.0 to_data_frame deserialization

Post correlati

CVE-2024-52944 | Veritas Enterprise Vault up to 15.1 HTTP Request cross site scripting (ZDI-CAN-24698)

CVE-2024-34257 | Totolink EX1800T 9.1.0cu.2112_B20220316 apcliEncrypType improper authorization

CVE-2024-23958 | Autel MaxiCharger AC Elite Business C50 BLE hard-coded credentials

CVE-2024-39460 | Bitbucket Branch Source Plugin up to 886.v44cf5e4ecec5 on Jenkins OAuth Access Token log file