Remote Code Execution (RCE)

picklescan is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of untrusted pickle data in the function’s reduce flow, which allows an attacker to craft a malicious pickle that bypasses the victim’s Picklescan check and achieve arbitrary code execution when t...