CVE-2020-13091
CVE-2020-13091 affects pandas up to 1.0.3. The vulnerability stems from unsafe deserialization in read_pickle(), which can unserialize a payload and execute commands if reduce invokes os.system. The issue is contingent on using read_pickle() with an untrusted file. Third parties dispute the sever...