CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

CVE-2024-0937 | van_der_Schaar LAB synthcity 0.2.9 PKL File load_from_file deserialization

A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-0937. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024.