36 matches found
EUVD-2025-0219
Malicious code in bioql PyPI...
EUVD-2025-14804
Malicious code in bioql PyPI...
EUVD-2025-27049
Malicious code in bioql PyPI...
openSUSE 15 Security Update : python-deepdiff (SUSE-SU-2025:03127-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03127-1 advisory. - CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347. Tenable has extracted...
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:03127-1 Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: - CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347...
SUSE CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
A class pollution flaw has been discovered in the python DeepDiff library. Class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via insecure Pickle deserialization exploitation. The gadg...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
CVE-2025-58367 affects the Python package DeepDiff (versions 5.0.0–8.6.0). The vulnerability arises from class pollution in the Delta class constructor and a gadget in DeltaDiff that lets an attacker modify deepdiff.serialization.SAFE_TO_IMPORT to permit dangerous classes (e.g., posix.system), en...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
Class Pollution
Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Class Pollution via the Delta constructor and manipulation of the SAFETOIMPORT set. An attacker can execute...
GHSA-MW26-5G2V-HQW3 DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
PT-2025-36336
Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.0 Description DeepDiff is a Python project for deep difference and search of data. Versions 5.0.0 through 8.6.0 are susceptible to class pollution through the Delta class constructor. When combined with a...
Class Pollution
Mesop is vulnerable to Class Pollution. The vulnerability is due to insecure handling of global variables and class attributes due to the ability of attackers to overwrite them at runtime, leading to potential denial of service, identity confusion, or remote code execution...
CVE-2025-30358
Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...
Class Pollution
Overview mesop is a Build UIs in Python Affected versions of this package are vulnerable to Class Pollution in the recursiveupdatedataclassfromjsonobj function, which doesn't raise an exception for dunder properties. An attacker can cause denial of service by overwriting these elements, leading t...