CVE-2024-27758

Published: 2024-03-12T16:15Z

Last Modified: 2024-11-21T09:05Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt