6 matches found
acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +161 more potentially affected by CVE-2025-2000 via qiskit (>=0.18.3 <=1.4.0)
qiskit PYPI version =0.18.3, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.4, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =0.0.2, =0.1.0, =0.1.0.3 and more Source cves: CVE-2025-2000 Source advisory: SNYK:PYTHON-QISKIT-9459043...
acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +122 more potentially affected by CVE-2025-2000 via qiskit (>=0.40.0 <=1.4.1)
qiskit PYPI version =0.40.0, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =2023.5.21, =0.0.1, =0.1.1, =0.1.3 and more Source cves: CVE-2025-2000 Source advisory: OSV:GHSA-6M2C-76FF-6VRF...
Security Bulletin: Arbitrary QPY Execution in Qiskit SDK QPY Deserialization < 13
Summary A maliciously crafted QPY payload can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY format versions 13. A Python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in...
CVE-2025-2000
creationtimestamp| type| source ---|---|--- 2025-03-14 13:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114161097463600507 2025-03-14 13:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkdra5uxik26 2025-03-14 14:40:21+00:00| seen|...
CVE-2025-2000 Qiskit SDK code execution
A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats 13. A python process calling Qiskit 0.18.0 through 1.4.1's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded ...
CVE-2025-2000
CVE-2025-2000 describes arbitrary code execution via deserialization of QPY files in Qiskit QPY.load() for formats