8 matches found
CVE-2025-58367
A class pollution flaw has been discovered in the python DeepDiff library. Class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via insecure Pickle deserialization exploitation. The gadg...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
CVE-2025-58367 affects the Python package DeepDiff (versions 5.0.0–8.6.0). The vulnerability arises from class pollution in the Delta class constructor and a gadget in DeltaDiff that lets an attacker modify deepdiff.serialization.SAFE_TO_IMPORT to permit dangerous classes (e.g., posix.system), en...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
GHSA-MW26-5G2V-HQW3 DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
PT-2025-36336
Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.0 Description DeepDiff is a Python project for deep difference and search of data. Versions 5.0.0 through 8.6.0 are susceptible to class pollution through the Delta class constructor. When combined with a...