A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgd_fuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252204.
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-27T10:31:04.184Z
Updated: 2024-11-13T14:27:29.247Z
Reserved: 2024-01-26T17:17:09.387Z
Link: CVE-2024-0959
Vulnrichment
Updated: 2024-08-01T18:26:30.153Z
NVD
Status : Modified
Published: 2024-01-27T11:15:17.497
Modified: 2024-11-21T08:47:53.143
Link: CVE-2024-0959
Redhat
No data.