12 matches found
EulerOS Virtualization 2.13.1 : python-ply (EulerOS-SA-2026-2145)
According to the versions of the python-ply package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile...
EulerOS Virtualization 2.10.1 : python-ply (EulerOS-SA-2026-2035)
According to the versions of the python-ply package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile...
EulerOS Virtualization 2.10.0 : python-ply (EulerOS-SA-2026-2062)
According to the versions of the python-ply package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile...
Amazon Linux 2023 : policycoreutils, policycoreutils-dbus, policycoreutils-devel (ALAS2023-2026-1663)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1663 advisory. An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is...
OESA-2026-1597 python-ply security update
/ply/ /ply--.egg-info/ Security Fixes: An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Becaus...
OESA-2026-1594 python-ply security update
/ply/ /ply--.egg-info/ Security Fixes: An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Becaus...
Linux Distros Unpatched Vulnerability : CVE-2025-56005
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function...
CVE-2025-56005
An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...
CVE-2025-56005
An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...
Deserialization of Untrusted Data
Overview ply is a Python Lex & Yacc Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the picklefile parameter in the yacc function. An attacker can execute arbitrary code by supplying a specially crafted pickle file that is deserialized without validation...
CVE-2025-56005
CVE-2025-56005 affects PLY 3.11 (PyPI) and is triggered via the picklefile parameter in yacc(), which deserializes a .pkl with pickle.load() without validation. The underlying cause is unsafe deserialization, enabling remote code execution as described in multiple sources; this is not limited to ...
CVE-2025-56005
An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...