Lucene search
+L

5 matches found

NVD
NVD
added 2025/03/10 12:15 p.m.16 views

CVE-2025-1945

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...

9.8CVSS0.00512EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/10 11:43 a.m.9 views

CVE-2025-1945 picklescan - Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...

5.3CVSS7.8AI score0.00512EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/03/10 11:43 a.m.44 views

CVE-2025-1945 picklescan - Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...

5.3CVSS0.00512EPSS
Exploits1References3
CVE
CVE
added 2025/03/10 11:43 a.m.81 views

CVE-2025-1945

The CVE-2025-1945 issue affects PickleScan before 0.0.23, which fails to detect malicious pickle payloads embedded inside PyTorch model archives when specific ZIP header flag bits are modified. By flipping ZIP flag bits (e.g., 0x1, 0x20, 0x40) in the archive, an attacker can place a malicious pic...

9.8CVSS7.8AI score0.00512EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/03/10 11:43 a.m.20 views

CVE-2025-1945 picklescan - Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...

5.3CVSS7.9AI score0.00512EPSS
Exploits1References5
Rows per page
Query Builder