7 matches found
Remote code execution
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
UBUNTU-CVE-2024-27758
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=3.3.0 <=5.3.1)
rpyc PYPI version =3.3.0, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.10.60, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:PYSEC-2024-44...
aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=4.0.1 <=5.3.1)
rpyc PYPI version =4.0.1, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.17.18, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:GHSA-H5CG-53G7-GQJW...
GHSA-9GGP-4JPR-7PPJ Duplicate Advisory: Possible remote code execution via a remote procedure call
Withdrawn: duplicate of GHSA-pj4g-4488-wmxm Original Description In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
PYSEC-2019-118
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
xtlib (>=0.0.176 <=0.0.996) potentially affected by CVE-2019-16328 via rpyc (=4.1.0)
rpyc PYPI version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on rpyc and may be impacted: - xtlib =0.0.176, =0.0.996 Source cves: CVE-2019-16328 Source advisory: OSV:PYSEC-2019-118...