CVE-2025-1403 Information

Description

Qiskit SDK 0.45.0 through 1.2.4 could allow a remote attacker to cause a denial of service using a maliciously crafted QPY file containing a malformed symengine serialization stream which can cause a segfault within the symengine library.

Reference

https://www.ibm.com/support/pages/node/7183868