GHSA-vr75-hjh9-7fr6

Опубликовано: 03 мар. 2025

Источник: github

Github: Прошло ревью

CVSS4: 5.3

Описание

Duplicate Advisory: Remote Code Execution via Malicious Pickle File Bypassing Static Analysis

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-655q-fx9r-782v. This link is maintained to preserve external references.

Original Description

picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via pip.main(). Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic.

Ссылки

Пакеты

Наименование

picklescan

pip

Затронутые версииВерсия исправления

<= 0.0.21

Отсутствует

5.3 Medium

CVSS4

Дефекты

CWE-184

5.3 Medium

CVSS4

Дефекты

CWE-184