FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

R -- arbitrary code execution vulnerability

Affected packages
R < 4.4.0

Details

VuXML ID 4a1e2bad-0836-11ef-9fd2-1c697a616631
Discovery 2024-04-29
Entry 2024-05-02

HiddenLayer Research reports:

Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user's system.

[source]

References

CVE Name CVE-2024-27322
URL https://nvd.nist.gov/vuln/detail/CVE-2024-27322

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.