4 matches found
CVE-2024-29032
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using qiskitibmruntime.RuntimeDecoder can lead to arbitrary code...
CVE-2024-29032 `qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using qiskitibmruntime.RuntimeDecoder can lead to arbitrary code...
bosonic-qiskit (>=0.0.0 <=12.2.6), iqm-benchmarks (>=1.3.0 <=1.6.0) +5 more potentially affected by CVE-2024-29032 via qiskit-ibm-runtime (=0.20.0)
qiskit-ibm-runtime PYPI version =0.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on qiskit-ibm-runtime and may be impacted: - bosonic-qiskit =0.0.0, =1.3.0, =0.35.1, =0.3.0, =0.14.0, =0.1.6, =0.1.10 Source cves: CVE-2024-29032 Source advisory:...
CVE-2024-29032
creationtimestamp| type| source ---|---|--- 2024-03-19 19:48:53+00:00| published-proof-of-concept| https://github.com/Qiskit/qiskit-ibm-runtime/security/advisories/GHSA-x4x5-jv3x-9c7m...