16 matches found
Fedora: Security Advisory (FEDORA-2024-17a3b4d4c3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-27758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote...
Fedora 41 : python-rpyc (2024-17a3b4d4c3)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-17a3b4d4c3 advisory. Fix CVE-2024-27758 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
openSUSE Security Advisory (openSUSE-SU-2024:0082-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for python-rpyc (important)
openSUSE Security Update: Security update for python-rpyc Announcement ID: openSUSE-SU-2024:0082-1 Rating: important References: 1221331 Cross-References: CVE-2024-27758 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This...
CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
DEBIAN-CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=3.3.0 <=5.3.1)
rpyc PYPI version =3.3.0, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.10.60, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:PYSEC-2024-44...
CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
CVE-2024-27758
CVE-2024-27758 affects RPyC prior to 6.0.0. The issue arises when a server exposes a method that calls the attribute array on a client-provided netref (e.g., np.array(client_netref)), enabling remote code execution. Impact is system compromise with high severity; exploit requires local access/vec...
aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=4.0.1 <=5.3.1)
rpyc PYPI version =4.0.1, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.17.18, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:GHSA-H5CG-53G7-GQJW...
GHSA-H5CG-53G7-GQJW RPyC's missing security check results in code execution when using numpy.array on the server-side.
An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the array attribute component. This vulnerability was introduced in 9f45f826. Attack Vector RPyC services that rely on the array attribute used by numpy are impacted. When...
RPyC's missing security check results in code execution when using numpy.array on the server-side.
An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the array attribute component. This vulnerability was introduced in 9f45f826. Attack Vector RPyC services that rely on the array attribute used by numpy are impacted. When...