qiskit-ibm-runtime@0.11.0 vulnerabilities
IBM Quantum client for Qiskit Runtime.
-
latest version
0.23.0
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
a month ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the qiskit-ibm-runtime package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
qiskit-ibm-runtime is an IBM Quantum client for Qiskit Runtime. Affected versions of this package are vulnerable to Uncontrolled Recalculation of Data to Code ('Code Injection') due to the usage of How to fix Uncontrolled Recalculation of Data to Code ('Code Injection')? Upgrade |
[0.11.0,0.11.1)
|
qiskit-ibm-runtime is an IBM Quantum client for Qiskit Runtime. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the deserialization of JSON data using a specifically crafted input string. An attacker can execute arbitrary code on the system by providing a maliciously formatted input string to the deserialization process. How to fix Deserialization of Untrusted Data? Upgrade |
[0.1.0,0.21.2)
|