tomerfiliba-org/rpyc
GitHub
Releases41
Frequency4 months 2 weeks
Last Release
Stars1.7K
RPyC (Remote Python Call) - A transparent and symmetric RPC library for python
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.4 HIGH | — | ||
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution. | |||
| 7.5 HIGH | 5 MEDIUM | ||
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings. | |||