{"id":"PYSEC-2024-231","details":"LightGBM Remote Code Execution Vulnerability","aliases":["CVE-2024-43598","GHSA-2586-f3p4-hq84"],"modified":"2025-02-18T19:41:59.478178Z","published":"2024-11-12T18:15:28Z","references":[{"type":"FIX","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43598"}],"affected":[{"package":{"name":"lightgbm","ecosystem":"PyPI","purl":"pkg:pypi/lightgbm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6.0"}]}],"versions":["2.0.10","2.0.11","2.0.12","2.0.2","2.0.3","2.0.4","2.0.5","2.0.6","2.0.7","2.1.0","2.1.1","2.1.2","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.3.1","3.0.0","3.0.0rc1","3.1.0","3.1.1","3.2.0","3.2.1","3.3.0","3.3.1","3.3.2","3.3.3","3.3.4","3.3.5","4.0.0","4.1.0","4.2.0","4.3.0","4.4.0","4.5.0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/lightgbm/PYSEC-2024-231.yaml"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}