3 matches found
R Language Vulnerable to Arbitrary Code Execution via Malicious RDS Files (v1.4.0–<4.4.0)
...
The vulnerability of the R programming language interpreter, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code in the target system.
The vulnerability of the R programming language interpreter is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using specially created RDS and .rdx files...
DEBIAN-CVE-2024-27322
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user’s system when interacted...