Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Vulnerability Description
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using `qiskit_ibm_runtime.RuntimeDecoder` can lead to arbitrary code execution given a correctly formatted input string. Version 0.21.2 contains a fix for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Qiskit IBM Runtime 安全漏洞
Vulnerability Description
Qiskit IBM Runtime是美国国际商业机器(IBM)公司的一个组件,用于与 IBM Quantum Experience 平台上的 IBM Quantum 硬件和模拟器进行交互。 Qiskit IBM Runtime 0.1.0版本至0.21.2之前版本存在安全漏洞,该漏洞源于反序列化json数据可能会导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A