Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.4 views

SUSE CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution...

7.5CVSS7AI score0.01518EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2019/06/06 7:29 p.m.17 views

CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution...

7.5CVSS6.7AI score0.01518EPSS
Exploits1References2
OSV
OSV
added 2019/06/06 7:29 p.m.6 views

CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution...

7.5CVSS3.9AI score
Exploits0References2
OSV
OSV
added 2019/06/06 7:29 p.m.13 views

PYSEC-2019-39

DISPUTED A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code...

5.4AI score
Exploits0References2
Debian CVE
Debian CVE
added 2019/06/06 6:55 p.m.16 views

CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution...

7.5CVSS5.6AI score0.01518EPSS
Exploits1
CVE
CVE
added 2019/06/06 6:55 p.m.190 views

CVE-2019-12760

The CVE-2019-12760 entry describes a deserialization flaw in parso up to version 0.4.0, where grammar parsing from the cache uses pickle. If an attacker can write a malicious pickle to a cache grammar file and trigger parsing, Arbitrary Code Execution is possible. Note: multiple sources mark this...

7.5CVSS7.5AI score0.01518EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder