FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

R -- arbitrary code execution vulnerability

Affected packages
R < 4.4.0


VuXML ID 4a1e2bad-0836-11ef-9fd2-1c697a616631
Discovery 2024-04-29
Entry 2024-05-02

HiddenLayer Research reports:

Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user's system.


CVE Name CVE-2024-27322