A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgd_fuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252204.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-27T10:31:04.184Z
Updated: 2024-08-01T18:26:30.153Z
Reserved: 2024-01-26T17:17:09.387Z
Link: CVE-2024-0959
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-27T11:15:17.497
Modified: 2024-05-17T02:35:06.383
Link: CVE-2024-0959
Redhat
No data.