14 matches found
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.5.0-py3-none-any.whl
Summary IBM Watson Discovery Cartridge contains a vulnerable version of deepdiff-8.5.0-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-58367 DESCRIPTION: DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class...
EUVD-2025-27049
Malicious code in bioql PyPI...
Insecure Deserialization
DeepDiff is vulnerable to insecure deserialization.The vulnerability is due to class pollution via the Delta class constructor which, when combined with a gadget in DeltaDiff, allows an attacker to modify deepdiff.serialization.SAFETOIMPORT and trigger insecure Pickle deserialization through Delt...
SUSE CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
A class pollution flaw has been discovered in the python DeepDiff library. Class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via insecure Pickle deserialization exploitation. The gadg...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
CVE-2025-58367 affects the Python package DeepDiff (versions 5.0.0–8.6.0). The vulnerability arises from class pollution in the Delta class constructor and a gadget in DeltaDiff that lets an attacker modify deepdiff.serialization.SAFE_TO_IMPORT to permit dangerous classes (e.g., posix.system), en...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2025-58367
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
GHSA-MW26-5G2V-HQW3 DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...
PT-2025-36336
Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.0 Description DeepDiff is a Python project for deep difference and search of data. Versions 5.0.0 through 8.6.0 are susceptible to class pollution through the Delta class constructor. When combined with a...