2 matches found
Incomplete List of Disallowed Inputs
Overview pyspector is an A high-performance, security-focused static analysis tool for Python, powered by Rust. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the PluginSecurity.validateplugincode validation logic. An attacker can achieve arbitrary co...
Interpretation Conflict
Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Interpretation Conflict via the OBJ opcode handling logic. An attacker can evade safety checks by triggering a code path where OBJ pushes an ast.Call onto the...