{"id":"GHSA-6m2c-76ff-6vrf","summary":"Qiskit allows arbitrary code execution decoding QPY format versions \u003c 13","details":"### Impact\n\nA maliciously crafted QPY file can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats \u003c 13. A python process calling Qiskit's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of a specially constructed payload.\n\n### Patches\n\nFixed in Qiskit 1.4.2 and in Qiskit 2.0.0rc2","aliases":["CVE-2025-2000"],"modified":"2025-05-02T22:02:58.997199Z","published":"2025-03-14T19:56:14Z","database_specific":{"severity":"CRITICAL","nvd_published_at":null,"github_reviewed_at":"2025-03-14T19:56:14Z","github_reviewed":true,"cwe_ids":["CWE-502"]},"references":[{"type":"WEB","url":"https://github.com/Qiskit/qiskit/security/advisories/GHSA-6m2c-76ff-6vrf"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2000"},{"type":"PACKAGE","url":"https://github.com/Qiskit/qiskit"},{"type":"WEB","url":"https://www.ibm.com/support/pages/node/7185949"}],"affected":[{"package":{"name":"qiskit-terra","ecosystem":"PyPI","purl":"pkg:pypi/qiskit-terra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.18.0"},{"last_affected":"0.46.3"}]}],"versions":["0.18.0","0.18.1","0.18.2","0.18.3","0.19.0","0.19.1","0.19.2","0.20.0","0.20.1","0.20.2","0.21.0","0.21.0rc1","0.21.1","0.21.2","0.22.0","0.22.0rc1","0.22.1","0.22.2","0.22.3","0.22.4","0.23.0","0.23.0rc1","0.23.1","0.23.2","0.23.3","0.24.0","0.24.0rc1","0.24.1","0.24.2","0.25.0","0.25.0rc1","0.25.1","0.25.2","0.25.2.1","0.25.3","0.45.0","0.45.0rc1","0.45.1","0.45.2","0.45.3","0.46.0","0.46.1","0.46.2","0.46.3"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-6m2c-76ff-6vrf/GHSA-6m2c-76ff-6vrf.json"}},{"package":{"name":"qiskit","ecosystem":"PyPI","purl":"pkg:pypi/qiskit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.2"}]}],"versions":["0.10.0","0.10.1","0.10.2","0.10.3","0.10.4","0.10.5","0.11.0","0.11.1","0.11.2","0.12.0","0.12.1","0.12.2","0.13.0","0.14.0","0.14.1","0.15.0","0.16.0","0.16.1","0.16.2","0.17.0","0.18.0","0.18.1","0.18.2","0.18.3","0.19.0","0.19.1","0.19.2","0.19.3","0.19.4","0.19.5","0.19.6","0.20.0","0.20.1","0.21.0","0.22.0","0.23.0","0.23.1","0.23.2","0.23.3","0.23.4","0.23.5","0.23.6","0.24.0","0.24.1","0.25.0","0.25.1","0.25.2","0.25.3","0.25.4","0.26.0","0.26.1","0.26.2","0.27.0","0.28.0","0.29.0","0.29.1","0.3.10","0.3.11","0.3.12","0.3.13","0.3.14","0.3.15","0.3.16","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.30.0","0.30.1","0.31.0","0.32.0","0.32.1","0.33.0","0.33.1","0.34.0","0.34.1","0.34.2","0.35.0","0.36.0","0.36.1","0.36.2","0.37.0","0.37.1","0.37.2","0.38.0","0.39.0","0.39.1","0.39.2","0.39.3","0.39.4","0.39.5","0.4.0","0.4.1","0.4.10","0.4.11","0.4.12","0.4.13","0.4.14","0.4.15","0.4.2","0.4.3","0.4.4","0.4.5","0.4.6","0.4.7","0.4.8","0.4.9","0.40.0","0.41.0","0.41.1","0.42.0","0.42.1","0.43.0","0.43.1","0.43.2","0.43.3","0.44.0","0.44.1","0.44.2","0.44.3","0.45.0","0.45.0rc1","0.45.1","0.45.2","0.45.3","0.46.0","0.46.1","0.46.2","0.46.3","0.5.0","0.5.1","0.5.2","0.5.3","0.5.4","0.5.5","0.5.6","0.5.7","0.6.0","0.6.1","0.7.0","0.7.1","0.7.2","0.7.3","0.8.0","0.8.1","0.9.0","1.0.0","1.0.0b1","1.0.0rc1","1.0.1","1.0.2","1.1.0","1.1.0rc1","1.1.1","1.1.2","1.2.0","1.2.0rc1","1.2.1","1.2.2","1.2.3","1.2.4","1.3.0","1.3.0b1","1.3.0rc1","1.3.0rc2","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1"],"database_specific":{"last_known_affected_version_range":"\u003c= 1.4.1","source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-6m2c-76ff-6vrf/GHSA-6m2c-76ff-6vrf.json"}},{"package":{"name":"qiskit","ecosystem":"PyPI","purl":"pkg:pypi/qiskit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.0.0rc1"},{"fixed":"2.0.0rc2"}]}],"versions":["2.0.0rc1"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-6m2c-76ff-6vrf/GHSA-6m2c-76ff-6vrf.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}