12 matches found
EUVD-2025-29453
Malicious code in bioql PyPI...
EUVD-2025-29482
Malicious code in bioql PyPI...
EUVD-2025-29468
Malicious code in bioql PyPI...
Remote Code Execution (RCE)
picklescan is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe deserialization/execution because trace.Trace.runctx can be used to execute code from untrusted pickle or otherwise crafted inputs in the interpreter context, allowing arbitrary code execution...
Remote Code Execution (RCE)
cProfile is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe deserialization/execution because cProfile.runctx can be abused to execute code from untrusted pickle files passed into its execution context...
Remote Code Execution (RCE)
picklescan is vulnerable to Remote Code Execution (RCE). The vulnerability is due to insecure deserialization because profile.Profile.runctx can be abused to execute malicious pickle files...
Picklescan is missing detection when calling built-in python cProfile.runctx
Summary: Using the cProfile.runctx function, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the cProfile.runctx function in the reduce method. Then when the victim after...
GHSA-9W88-8RMG-7G2P Picklescan is missing detection when calling built-in python cProfile.runctx
Summary: Using the cProfile.runctx function, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the cProfile.runctx function in the reduce method. Then when the victim after...
GHSA-6VQJ-C2Q5-J97W Picklescan has a missing detection when calling built-in python profile.Profile.runctx
Summary: Using profile.Profile.runctx, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the profile.Profile.runctx function in the reduce method. Then when the victim...
Picklescan has a missing detection when calling built-in python profile.Profile.runctx
Summary: Using profile.Profile.runctx, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the profile.Profile.runctx function in the reduce method. Then when the victim...
GHSA-G344-HCPH-8VGG Picklescan has a missing detection when calling built-in python trace.Trace.runctx
Summary: Using trace.Trace.runctx, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the trace.Trace.runctx function in the reduce method. Then when the victim after...
Picklescan has a missing detection when calling built-in python trace.Trace.runctx
Summary: Using trace.Trace.runctx, a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the trace.Trace.runctx function in the reduce method. Then when the victim after...