3 matches found
Deserialization of Untrusted Data
Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to incomplete detection of dangerous pickle constructs. The safety analysis fails to block certain unsafe module imports,...
Deserialization of Untrusted Data
Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to missing detection of unsafe modules in the marshal.loads and types.FunctionType modules. An attacker can execute arbitrary...
PT-2022-8071 · Rgb2Hex · Rgb2Hex
Name of the Vulnerable Software and Affected Versions: rgb2hex versions up to 0.1.5 Description: A vulnerability was found in the rgb2hex software, affecting some unknown processing. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely...