PyPi: Qiskit-Terra

CVE-2025-1403

Safety vulnerability ID: 76332

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 21, 2025 Updated at Mar 28, 2025

Scan your Python projects for vulnerabilities →

Advisory

A maliciously crafted QPY file containing a malformed symengine serialization stream as part of the larger QPY serialization of a ParameterExpression object can cause a segfault within the symengine library, allowing an attacker to terminate the hosting process deserializing the QPY payload.

Affected package

qiskit-terra

Latest version: 0.46.3

Software for developing quantum computing programs

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1403

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application