5 matches found
EUVD-2011-4140
Malware in sbrugna...
EUVD-2022-0166
Malicious code in bioql PyPI...
CVE-2022-31604
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of...
Deserialization of untrusted data
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of...
CVE-2022-31604
CVE-2022-31604 affects NVFLARE prior to 2.1.2. The PKI module deserializes CA credentials via pickle, enabling deserialization of untrusted data and potentially enabling Remote Code Execution, Denial of Service, and impact to Confidentiality/Integrity/Availability. Exploitation details are not pr...