Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2025/03/14 7:56 p.m.8 views

acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +161 more potentially affected by CVE-2025-2000 via qiskit (>=0.18.3 <=1.4.0)

qiskit PYPI version =0.18.3, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.4, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =0.0.2, =0.1.0, =0.1.0.3 and more Source cves: CVE-2025-2000 Source advisory: SNYK:PYTHON-QISKIT-9459043...

9.8CVSS5.8AI score0.00741EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/14 7:56 p.m.7 views

acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +122 more potentially affected by CVE-2025-2000 via qiskit (>=0.40.0 <=1.4.1)

qiskit PYPI version =0.40.0, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =2023.5.21, =0.0.1, =0.1.1, =0.1.3 and more Source cves: CVE-2025-2000 Source advisory: OSV:GHSA-6M2C-76FF-6VRF...

9.8CVSS5.4AI score0.00741EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/14 2:4 p.m.13 views

Security Bulletin: Arbitrary QPY Execution in Qiskit SDK QPY Deserialization < 13

Summary A maliciously crafted QPY payload can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY format versions 13. A Python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in...

9.8CVSS7.4AI score0.00741EPSS
Exploits0Affected Software1
Circl
Circl
added 2025/03/14 1:48 p.m.7 views

CVE-2025-2000

creationtimestamp| type| source ---|---|--- 2025-03-14 13:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114161097463600507 2025-03-14 13:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkdra5uxik26 2025-03-14 14:40:21+00:00| seen|...

9.8CVSS4.8AI score0.00741EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/03/14 1:4 p.m.12 views

CVE-2025-2000 Qiskit SDK code execution

A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats 13. A python process calling Qiskit 0.18.0 through 1.4.1's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded ...

9.8CVSS9.7AI score0.00741EPSS
Exploits0References1
CVE
CVE
added 2025/03/14 1:4 p.m.104 views

CVE-2025-2000

CVE-2025-2000 describes arbitrary code execution via deserialization of QPY files in Qiskit QPY.load() for formats

9.8CVSS9.7AI score0.00741EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder