| ID |
CVE-2025-6279
|
| Sažetak |
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used. |
| Reference |
|
| CVSS |
| Base: | 5.2 |
| Impact: | 6.4 |
| Exploitability: | 5.1 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| ADJACENT_NETWORK |
LOW |
SINGLE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| CVSS vektor |
AV:A/AC:L/Au:S/C:P/I:P/A:P |
| Zadnje važnije ažuriranje |
19-06-2025 - 21:15 |
| Objavljeno |
19-06-2025 - 21:15 |
