Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6852

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01035EPSS
Exploits0References4
Veracode
Veracode
added 2025/03/24 6:13 a.m.8 views

Remote Code Execution (RCE)

Kedro is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization due to the ShelveStore class using Python's shelve module, which relies on pickle for serialization, allowing attackers to craft malicious payloads that execute arbitrary Python code upon...

9.8CVSS8.5AI score0.01035EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/22 11:54 a.m.6 views

CVE-2024-9701

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS8.2AI score0.01035EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.9 views

Kedro deserialization vulnerability

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS8.2AI score0.01035EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/03/20 10:15 a.m.6 views

CVE-2024-9701

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS0.01035EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:15 a.m.4 views

CVE-2024-9701

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS8.5AI score
Exploits0References2
CVE
CVE
added 2025/03/20 10:10 a.m.68 views

CVE-2024-9701

CVE-2024-9701 —Kedro’s ShelveStore (version 0.19.8) is vulnerable to Remote Code Execution due to unsafe deserialization: it uses Python’s shelve (pickle-based) and a crafted payload stored in the shelve file can execute arbitrary code upon deserialization. Details are tied to Kedro 0.19.8; no re...

9.8CVSS9.9AI score0.01035EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.10 views

CVE-2024-9701 Remote Code Execution in kedro-org/kedro

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS0.01035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.4 views

CVE-2024-9701 Remote Code Execution in kedro-org/kedro

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS9.9AI score0.01035EPSS
Exploits0References2
Snyk
Snyk
added 2024/11/01 6:34 a.m.3 views

Deserialization of Untrusted Data

Overview kedro is a Kedro helps you build production-ready data and analytics pipelines Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to improper validation in the ShelveStore class in the kedro.framework.session.shelvestore module. This vulnerability...

9.8CVSS7.8AI score0.01035EPSS
Exploits0References3
Rows per page
Query Builder