CVE-2025-2000 in Qiskit SDK정보

요약

\~에 의해 MITRE • 2025. 03. 14.

A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A python process calling Qiskit 0.18.0 through 1.4.1's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of specially constructed payload.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Ibm

예약하다

2025. 03. 05.

공개

2025. 03. 14.

모더레이션

수락

항목

VDB-299725

CPE

준비됨

CWE

CWE-502 (확인됨)

CVSS

9.8 (CNA)

EPSS

0.00168

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-2000
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-2000
CVE Details	https://www.cvedetails.com/cve/CVE-2025-2000/

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!