Lucene search

9 matches found

CVE
added 14 hours ago, 4 views

CVE-2025-71359

The CVE concerns the Python package picklescan prior to version 0.0.29, where the vulnerability lies in deserializing pickle payloads that leverage lib2to3.pgen2.grammar.Grammar.loads within the reduce method. This can enable remote code execution during pickle.load(), by crafting pickle files t...

8.1 CVSS, 6.3 AI score
Exploits: 0, References: 2
ATTACKERKB
added 14 hours ago, 2 views

CVE-2025-71359

picklescan before 0.0.29 fails to detect malicious pickle payloads that utilize lib2to3.pgen2.grammar.Grammar.loads in the reduce method, allowing remote code execution. Attackers can craft pickle files embedding dangerous code that evades picklescan detection and executes during pickle.load...

8.1 CVSS, 6.3 AI score
Exploits: 0, References: 3
EUVD
added 14 hours ago, 8 views

EUVD-2025-210416

picklescan before 0.0.29 fails to detect malicious pickle payloads that utilize lib2to3.pgen2.grammar.Grammar.loads in the reduce method, allowing remote code execution. Attackers can craft pickle files embedding dangerous code that evades picklescan detection and executes during pickle.load...

8.1 CVSS, 6.3 AI score
Exploits: 0, References: 2
CVE
added 14 hours ago, 7 views

CVE-2025-71343

CVE-2025-71343 affects picklescan prior to 0.0.30. The issue arises from a weakness in detecting malicious pickle payloads that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label in the reduce method, enabling attackers to craft pickle files that evade detection and execute arbitrary commands ...

8.1 CVSS, 6.1 AI score
Exploits: 0, References: 2
GitHub Security Blog
added 2025/08/26 9:34 p.m., 7 views

Picklescan is missing detection when calling built-in python lib2to3.pgen2.pgen.ParserGenerator.make_label

Summary: Using the lib2to3.pgen2.pgen.ParserGenerator.make_label function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...

7.9 AI score
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2025/08/26 9:34 p.m., 2 views

GHSA-P9W7-82W4-7Q8M Picklescan is missing detection when calling built-in python lib2to3.pgen2.pgen.ParserGenerator.make_label

Summary: Using the lib2to3.pgen2.pgen.ParserGenerator.make_label function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...

7.9 AI score
Exploits: 0, References: 3
GitHub Security Blog
added 2025/08/26 6:36 p.m., 4 views

Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads

Summary: Using lib2to3.pgen2.grammar.Grammar.loads, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to lib2to3.pgen2.grammar.Grammar.loads function in reduce meth...

7.9 AI score
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2025/08/26 6:36 p.m., 1 views

GHSA-F54Q-57X4-JG88 Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads

Summary: Using lib2to3.pgen2.grammar.Grammar.loads, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to lib2to3.pgen2.grammar.Grammar.loads function in reduce meth...

7.9 AI score
Exploits: 0, References: 3
Oracle Linux
added 2011/05/28 12:0 a.m., 60 views

python security, bug fix, and enhancement update

python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...

6.9 CVSS, 7.3 AI score, 0.14643 EPSS
Exploits: 3