SUSE CVE-2025-58367

🗓️ 09 Sep 2025 23:22:01Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

DeepDiff Delta class enables dangerous pickle leading to remote code execution; fixed in 8.6.1.

Reporter	Title	Published	Views	Family All 37
IBM Security Bulletins	Security Bulletin: Vulnerability in DeepDiff affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.	29 Dec 202507:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.5.0-py3-none-any.whl	7 Oct 202519:37	–	ibm
Circl	CVE-2025-58367	3 Sep 202519:39	–	circl
CNNVD	DeepDiff 安全漏洞	5 Sep 202500:00	–	cnnvd
CVE	CVE-2025-58367	5 Sep 202521:52	–	cve
Cvelist	CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution	5 Sep 202521:52	–	cvelist
Debian CVE	CVE-2025-58367	5 Sep 202521:52	–	debiancve
EUVD	EUVD-2025-27049	3 Oct 202520:07	–	euvd
Fedora	[SECURITY] Fedora 42 Update: python-deepdiff-8.6.1-1.fc42	26 Sep 202501:10	–	fedora
Fedora	[SECURITY] Fedora 42 Update: python-orderly-set-5.5.0-2.fc42	26 Sep 202501:10	–	fedora

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Leap	15.6	any	python311-deepdiff	6.3.0-150600.3.3.1	python311-deepdiff-6.3.0-150600.3.3.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python311-deepdiff	8.6.1-1.1	python311-deepdiff-8.6.1-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python312-deepdiff	8.6.1-1.1	python312-deepdiff-8.6.1-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python313-deepdiff	8.6.1-1.1	python313-deepdiff-8.6.1-1.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2025-58367
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1249347
lists	www.lists.suse.com/pipermail/sle-updates/2025-September/041565.html

06 Jun 2026 03:00Current

7.8High risk

Vulners AI Score7.8

CVSS 3.19.8

EPSS0.01056

deepdiff vulnerability delta class pickle deserialization remote code execution class pollution