Homepage

amazon-braket-sdk@1.116.0

An open source library for interacting with quantum computing devices on Amazon Braket

  • latest version

    1.120.0

  • latest non vulnerable version

    1.120.0

  • first published

    5 years ago

  • latest version published

    14 hours ago

  • licenses detected

  • View amazon-braket-sdk package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the amazon-braket-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Deserialization of Untrusted Data

    amazon-braket-sdk is an An open source library for interacting with quantum computing devices on Amazon Braket

    Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialize_values() function in job results processing component. An attacker can execute arbitrary code by uploading a crafted payload with modified dataFormat field to the S3 job output bucket, which is then deserialized by the system when processing job results.

    How to fix Deserialization of Untrusted Data?

    Upgrade amazon-braket-sdk to version 1.117.0 or higher.

    [1.10.0,1.117.0)
    Go back to all versions of this package