4 matches found
EUVD-2025-29453
Malicious code in bioql PyPI...
Remote Code Execution (RCE)
picklescan is vulnerable to Remote Code Execution (RCE). The vulnerability is due to insecure deserialization, because profile.Profile.runctx can be abused to execute malicious pickle files...
GHSA-6VQJ-C2Q5-J97W Picklescan has a missing detection when calling built-in python profile.Profile.runctx
Summary: Using profile.Profile.runctx, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the profile.Profile.runctx function in the reduce method. Then when the victim...
Picklescan has a missing detection when calling built-in python profile.Profile.runctx
Summary: Using profile.Profile.runctx, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the profile.Profile.runctx function in the reduce method. Then when the victim...