Security Bulletin: Vulnerability in DiskCache with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage includes DiskCache python-diskcache. Following vulnerability can achieve arbitrary code execution. CVE-2025-69872. Vulnerability Details CVEID:CVE-2025-69872 DESCRIPTION: DiskCache python-diskcache through 5.6.3 uses Python...

[SECURITY] Fedora 42 Update: python-diskcache-5.6.3-12.fc42

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 43 Update: python-diskcache-5.6.3-12.fc43

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 44 Update: python-diskcache-5.6.3-12.fc44

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

Fedora 42 : python-diskcache (2026-9e5037f4e6)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9e5037f4e6 advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora: Security Advisory (FEDORA-2026-9e5037f4e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-319d85836c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 44 : python-diskcache (2026-56264d0a56)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-56264d0a56 advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 43 : python-diskcache (2026-319d85836c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-319d85836c advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Linux Distros Unpatched Vulnerability : CVE-2025-69872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve...

a-simple-llm-kit (>=0.3.0 <=0.4.2), a62-emotion (>=0.9.2 <=0.11.4) +3409 more potentially affected by CVE-2025-69872 via diskcache (>=2.4.1 <=5.6.3)

diskcache PYPI version =2.4.1, =0.3.0, =0.9.2, =0.1.0, =0.2.1, =0.3.4, =0.1.1, =0.3.3, =0.0.2, =20260210.0.0, =3.0.0, =0.2.0, =1.1.0 and more Source cves: CVE-2025-69872 Source advisory: OSV:GHSA-W8V5-VHQR-4H9V...

DiskCache has unsafe pickle deserialization

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

DEBIAN-CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

UBUNTU-CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

a-simple-llm-kit (>=0.3.0 <=0.4.2), a62-emotion (>=0.9.2 <=0.11.4) +3409 more potentially affected by CVE-2025-69872 via diskcache (>=2.4.1 <=5.6.3)

diskcache PYPI version =2.4.1, =0.3.0, =0.9.2, =0.1.0, =0.2.1, =0.3.4, =0.1.1, =0.3.3, =0.0.2, =20260210.0.0, =3.0.0, =0.2.0, =1.1.0 and more Source cves: CVE-2025-69872 Source advisory: SNYK:PYTHON-DISKCACHE-15268422...

DiskCache 安全漏洞

DiskCache: Disk Backed Cache is a disk backup cache tool developed by Grant Jenks. Versions of DiskCache 5.6.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the default use of Python pickle for serialization, which could allow attackers to execute arbitrary co...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

CVE-2025-69872 affects DiskCache (python-diskcache) up to version 5.6.3, where Python pickle is used for serialization by default. An attacker with write access to the cache directory can cause arbitrary code execution when the victim application reads from the cache. The provided documents do no...