CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2024-0937. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024.

CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

Related Posts

CVE-2024-43356 | bobbingwide oik Plugin up to 4.12.0 on WordPress cross-site request forgery

CVE-2023-52099 | Huawei HarmonyOS/EMUI NMS Module access control

CVE-2024-51190 | TRENDnet TEW-651BR/TEW-652BRU /special_ap.htm ptRule_ApplicationName_1.1.6.0.0 cross site scripting

CVE-2024-26445 | flusity CMS 2.33 delete_place.php cross-site request forgery