#CVE202427322

Open source programming language R patches critical arbitrary code exec flaw

by

April 30, 2024 at 09:07PM The open source R programming language has fixed a critical CVE-2024-27322 vulnerability that could allow arbitrary code execution. The flaw was closed in version 4.4.0 of R Core, and it’s recommended to upgrade. The exploit could compromise the software supply chain and trigger hidden payload even just by opening the … Read more

New R Programming Vulnerability Exposes Projects to Supply Chain Attacks

by

April 29, 2024 at 10:00AM A security vulnerability, CVE-2024-27322, has been discovered in the R programming language, enabling threat actors to execute malicious code via RDS files. This flaw, fixed in version 4.4.0, could lead to supply chain attacks through compromised R packages. AI security firm HiddenLayer reported the issue, emphasizing the importance of updating … Read more