7 matches found
CVE-2026-31223
The snorkel library through v0.10.0 contains a critical insecure deserialization vulnerability (CWE-502) in the BaseLabeler.load method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load function on user-supplied file paths without any validation or...
SUSE CVE-2014-3539
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...
PYSEC-2018-100
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...
UBUNTU-CVE-2014-3539
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...
PYSEC-2018-100
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...
DEBIAN-CVE-2014-3539
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...
PT-2018-4213 · Python · Rope +1
Name of the Vulnerable Software and Affected Versions: CPython (affected versions not specified)
Description: The issue allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load in the Rope library. This is due to a problem in the base/oi/doa.py file...