Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/04/26 4:14 a.m.5 views

CVE-2025-46417

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

6.8CVSS6.9AI score0.002EPSS
Exploits1References1
nvd
nvd
added 2025/04/24 1:15 a.m.11 views

CVE-2025-46417

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

7.5CVSS0.002EPSS
Exploits1References2
cve
cve
added 2025/04/24 12:0 a.m.75 views

CVE-2025-46417

CVE-2025-46417 affects Picklescan up to version 0.0.25, where unsafe globals exclude ssl, allowing ssl.get_server_certificate to exfiltrate data via DNS after deserialization. Exploitation details are not provided in the connected documents. CVSS vectors indicate high impact under NVD (7.5) and m...

7.5CVSS6.6AI score0.002EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2025/04/24 12:0 a.m.5 views

CVE-2025-46417

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

6.8CVSS6.9AI score0.002EPSS
Exploits1References2
osv
osv
added 2025/04/24 12:0 a.m.5 views

CVE-2025-46417

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

6.8CVSS6.9AI score0.002EPSS
Exploits1References4
circl
circl
added 2025/04/07 6:52 p.m.6 views

CVE-2025-46417

creationtimestamp| type| source ---|---|--- 2025-04-07 18:52:47+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-93mv-x874-956g 2025-04-24 01:04:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13169 2025-04-24 04:42:06+00:00| seen|...

7.5CVSS5.7AI score0.002EPSS
Exploits1References4
Rows per page
Query Builder