Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when loaded.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hiddenlayer.com/sai-security-advisory/ydata-june2024 |
![]() ![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: HiddenLayer
Published: 2024-06-04T12:03:07.125Z
Updated: 2024-08-02T03:43:50.922Z
Reserved: 2024-05-31T14:19:09.799Z
Link: CVE-2024-37064

Updated: 2024-08-02T03:43:50.922Z

Status : Awaiting Analysis
Published: 2024-06-04T12:15:13.313
Modified: 2024-11-21T09:23:08.240
Link: CVE-2024-37064

No data.