Lucene search
K

4 matches found

Snyk
Snyk
added 2019/06/06 8:19 p.m.2 views

Deserialization of Untrusted Data

Amendment This was deemed not a vulnerability. Overview parso is a Python parser that supports error recovery and round-trip parsing for different Python versions. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. A deserialization vulnerability exists in the...

7.5CVSS7AI score0.01518EPSS
Exploits1References2
OSV
OSV
added 2019/06/06 7:29 p.m.3 views

UBUNTU-CVE-2019-12760

DISPUTED A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code...

7.5CVSS5.8AI score0.01518EPSS
Exploits1References3
PyPA
PyPA
added 2019/06/06 7:29 p.m.6 views

PYSEC-2019-109

DISPUTED A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code...

7.5CVSS7AI score0.01518EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2019/06/06 7:29 p.m.1 views

DEBIAN-CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution...

7.5CVSS6.2AI score0.01518EPSS
Exploits1References1
Rows per page
Query Builder