3 matches found
CVE-2025-71343
CVE-2025-71343 affects picklescan prior to 0.0.30. The issue arises from a weakness in detecting malicious pickle payloads that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label in the __reduce__ method, enabling attackers to craft pickle files that evade detection and execute arbitrary commands ...
EUVD-2025-29500
Malicious code in bioql PyPI...
GHSA-P9W7-82W4-7Q8M Picklescan is missing detection when calling built-in Python lib2to3.pgen2.pgen.ParserGenerator.make_label
Summary: Using the lib2to3.pgen2.pgen.ParserGenerator.make_label function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...