373 matches found
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the makelabel function in the reduce method. An attacker can execute arbitrary commands by crafting...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the runcode function in the reduce methods of pickle files. An attacker can execute arbitrary code by...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the lib2to3.pgen2.grammar.Grammar.loads function. An attacker can execute arbitrary code by providing a...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the asyncio.unixevents.UnixSubprocessTransport.start function. An attacker can execute arbitrary commands...
CVE-2025-71373
picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on...
CVE-2025-71372
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...
CVE-2025-71356
picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguardsexpression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims...
CVE-2025-71366
picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.main.runcprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code in pickle files to achieve arbitrary code execution when victims load the files...
CVE-2025-71364
picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...
CVE-2025-71353
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch.dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded...
CVE-2025-71343
picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...
CVE-2025-71345
picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.main.runautogradprof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution...
CVE-2025-71375 picklescan - Undetected Remote Code Execution via _operator.methodcaller
picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...
CVE-2025-71373
CVE-2025-71373 : picklescan before 0.0.33 fails to detect operator.methodcaller calls in pickle files, allowing remote attackers to craft payloads that execute arbitrary code when loaded, compromising systems relying on picklescan for validation.
CVE-2025-71372 Picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef Gadget
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...
CVE-2025-71369
CVE-2025-71369 affects the Python utility picklescan (versions prior to 0.0.28). The vulnerability arises when pickle files leverage torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, enabling bypass of safety checks and allowing remote code execution during deserialization...
CVE-2025-71367 picklescan - Remote Code Execution via _operator.attrgetter Detection Bypass
picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...
CVE-2025-71367
CVE-2025-71367 affects picklescan before 0.0.34. The root cause is a failure to detect _operator.attrgetter calls inside pickle payloads, allowing remote attackers to craft malicious pickle files using _operator.attrgetter in reduce methods and achieve arbitrary code execution when pickle.load() ...
CVE-2025-71366
picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.main.runcprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code in pickle files to achieve arbitrary code execution when victims load the files...
CVE-2025-71366
CVE-2025-71366 affects picklescan versions before 0.0.28. The flaw is a failure to detect malicious torch.utils.bottleneck.main .run_cprofile calls inside pickle files, allowing remote attackers to embed undetected code that executes when a victim loads the pickle. The available documents do not ...