Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-13091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the readpickle function, if reduce makes an os.system call...

9.8CVSS8.4AI score0.03387EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 5:19 p.m.77 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS9.8AI score0.05299EPSS
Exploits4Affected Software1
NVD
NVD
added 2020/05/15 7:15 p.m.23 views

CVE-2020-13091

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the readpickle function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the readpickle function is documented as unsafe and it is the user's responsibility to use...

9.8CVSS9.7AI score0.03387EPSS
Exploits1References2
OSV
OSV
added 2020/05/15 7:15 p.m.11 views

CVE-2020-13091

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the readpickle function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the readpickle function is documented as unsafe and it is the user's responsibility to use...

9.8CVSS9.6AI score
Exploits0References2
OSV
OSV
added 2020/05/15 7:15 p.m.4 views

DEBIAN-CVE-2020-13091

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the readpickle function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the readpickle function is documented as unsafe and it is the user's responsibility to use...

9.8CVSS8.5AI score0.03387EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2020/05/15 7:15 p.m.3 views

0lever-utils (>=0.0.2 <=0.0.7), a2ml (>=0.1.0 <=0.5.0rc9) +1421 more potentially affected by CVE-2020-13091 via pandas (>=0.15.0 <=1.0.3)

pandas PYPI version =0.15.0, =0.0.2, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.3, =1.1.2, =0.1.7.3, =0.1.2, =0.26.0, =0.0.3, =1.0.11, =0.1.0, =0.2.8 - ai-flow =0.1.0 and more Source cves: CVE-2020-13091 Source advisory: OSV:PYSEC-2020-73...

9.8CVSS7.2AI score0.03387EPSS
Exploits1
Cvelist
Cvelist
added 2020/05/15 6:41 p.m.23 views

CVE-2020-13091

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the readpickle function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the readpickle function is documented as unsafe and it is the user's responsibility to use...

9.7AI score0.03387EPSS
Exploits1References2
CVE
CVE
added 2020/05/15 6:41 p.m.217 views

CVE-2020-13091

CVE-2020-13091 affects pandas up to 1.0.3. The vulnerability stems from unsafe deserialization in read_pickle(), which can unserialize a payload and execute commands if reduce invokes os.system. The issue is contingent on using read_pickle() with an untrusted file. Third parties dispute the sever...

9.8CVSS9.6AI score0.03387EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder