Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Qiskit SDK code execution
Vulnerability Description
A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A python process calling Qiskit 0.18.0 through 1.4.1's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of specially constructed payload.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
IBM Qiskit SDK 代码问题漏洞
Vulnerability Description
IBM Qiskit SDK是美国国际商业机器(IBM)公司的一个开源 SDK,用于在扩展量子电路、运算符和基元级别使用量子计算机。 IBM Qiskit SDK 0.18.0至1.4.1版本存在代码问题漏洞,该漏洞源于反序列化时可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A