2 matches found
Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.getlincoef
Summary Picklescan uses the numpy.f2py.crackfortran.getlincoef function a NumPy F2PY helper to execute arbitrary Python code during unpickling. Details Picklescan fails to detect a malicious pickle that uses the gadget numpy.f2py.crackfortran.getlincoef in reduce, allowing arbitrary command...
EUVD-2024-50235
Malicious code in bioql PyPI...