CVE-2024-27322 in The R Projectinfo

Zusammenfassung

von MITRE • 29.04.2024

Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted with.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Zuständig

HiddenLayer

Reservieren

23.02.2024

Veröffentlichung

29.04.2024

Moderieren

akzeptiert

Eintrag

VDB-262364

CPE

bereit

EPSS

0.23618

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!