The R Project R vulnerabilities
2 known vulnerabilities affecting the_r_project/r.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-27322HIGHCVSS 8.8≥ 1.4.0, < 4.4.02024-04-29
CVE-2024-27322 [HIGH] CWE-502 CVE-2024-27322: Deserialization of untrusted data can occur in the R statistical programming language, on any versio
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted with.
nvd
CVE-2016-8714HIGHCVSS 8.8v3.3.0v3.3.22017-03-10
CVE-2016-8714 [HIGH] CWE-120 CVE-2016-8714: An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R progr
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability.
nvd