3 matches found
CVE-2025-67748 Fickling has Code Injection vulnerability via pty.spawn()
Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELY_SAFE, and was fixed in version 0.1.6. This impact...
Fickling Code Issue Vulnerability
Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. A code issue vulnerability exists in versions of Fickling prior to 0.1.6, which stems from missing security checks for the pty module and could lead to the execution of arbitrary code...
FastCMS Code Injection Vulnerability
FastCMS is a content management system from FastCMS Inc. A code injection vulnerability exists in FastCMS 0.1.5 and earlier versions, which originates from the file /fastcms.html/template/menu of the template menu component and can lead to cross-site scripting attacks...